GDPR : Is current Pharma Marketing & Sales about to change?
GDPR needs to be fully implemented by 25 May 2018, yet most businesses are not prepared for the potential impact it will have on commercial operations. It will change how business operates, as the shift of power in Europe moves from big business to the individual when it comes to their data. Europe has got series in protecting its citizens by wielding a mighty threat of a fine of 4% of global turnover (or 20M euros whichever is higher).
Fundamentally your business will not be allowed to hold data on individuals without their explicit permissions, have a valid business purpose and have to keep only enough information for as long as it is needed to carry out your agreed permission.
If we look at this in more detail with regards to pharmaceutical companies. They hold vast amounts of data on customers (most of which they don't use), they process data (target and segment), they record data (from sales calls), they buy in customer data, they gather vague permissions from customers without having clear plans and strategy in place and most of the time they don't have a complete picture of what is happening with the data. ALL of the above practices in most companies are likely to be considered a GDPR breach.
Fundamentally, to get your business ready for GDPR is a major change management task and requires more than just allocating lawyers. It impacts the majority of sales and marketing processes, as commercial operations prepare for the next years brand/account planning your teams need to be aware of GDPR and what to do differently.
Acting quickly is essential, otherwise to reduce risk companies may be required to delete essential data and then pick up the pieces. There are 3 clear steps that your company needs to go through.
1. Audit Risk: Your company needs complete transparency of what personal information your company has in many different places. There needs to be full documentation of the processes your company follows with the individual data. A review of current permissions, should help your business understand what would be allowable from 25 May. The risk associated with your current use of data, systems, 3rd party companies, use commercially needs to be assessed.
2. Fix Risk: Following the audit, an intervention plan needs to be put into place. New processes/policy plans, deletion of customer data, permission statements, new customer permission requests and new contracts with 3rd parties need to be in place before 25 May. Along with this stage, your teams need to be trained on what GDPR is and what they can and can't do.
3. Optimise business: GDPR doesn't mean your business can't operate effectively, it just means it has to work in different ways. This is your opportunity to drive your business transformation agenda. Pharma has traditionally used older marketing models, pushing key messages, targeting and segmenting on potential and creating brand centric content. The more successful companies will need to think about community management, content marketing, customer experience and providing value to the customer. If your business cannot provide value to your customers then you lose the right to communicate/engage with them. Key business processes and systems currently are focused on individual customer information, yet marketing doesn't use that information effectively to personalise and engage. GDPR could be that catalyst for change for the better.
Is your pharma sales and marketing bubble about to burst? That does depend upon whether you control or react to the changes ahead. Importantly, you need to seek advice not just legally, but to help you make the most of it.
Visit www.be-remarkable.co.uk or contact firstname.lastname@example.org for more information.