Appointing a Digital Privacy Officer (DPO) can get you started with a good compliance strategy. But then? How will he maintain a good overview of your company’s digital landscape? How can he guarantee that all your company’s websites are compliant? Microsoft Excel surely is the most popular spreadsheet to compile data in a logical and systematic way. But the limitations of Excel will ultimately fail in the long run.
Human errors
When discussing The General Data Protection Regulation (GDPR) it is crucial to understand that personal data is prone to constant change. Excel cannot keep track of all the information. Besides that, a clear oversight of who has access to the data, and who has changed it is missing. When using Excel, you lose the responsibility of each employee to handle the data accordingly.
While we are on the topic of humans handling data, we also have to consider human errors. When an employee is manually entering data in the Excel file, a (human) error can easily be made which could lead to a data breach. Additionally, when the employee at hand is leaving his post, who knows where it is stored or where the consent is?
The pitfall of Excel as a GDPR system
GDPR automation software solves the above-written problems and more. It can untangle your compliance process and continuously record any processing activities (ROPA). Instead of having multiple IT systems where all your data is stored, you now have only one platform with all the information. Besides the changes administered, GDPR software can give you a clear overview of all the changes and operations in the company.
Another item Excel is missing is a track system of all GDPR activities. It cannot track, respond, and monitor data requests and manage consent. With automation software you have one central platform which manages notices and propagates them to all consent collection channels. In this way, your marketing layers are all up to date in the blink of an eye. With this software you have real-time insights into the personal data lifecycle from the moment of opt-in to the data removal.
GDPR also allows the users of your website to request insight into how their data is used. This has to be done without undue delay and within 30 days of the request. Surely this is possible to write down in an Excel file, but what if your website has had thousands of visitors in the past month, how do you know where their data is stored? Automating this process does not only manage this request, but it automates the entire process so that it can execute requests timely and accurately.
As previously mentioned, Excel does not give a real insight into the technical implication of data removal. It gets especially difficult when the data subject uses more than one active service of the company. Automated platform can automatically give instructions to a different system when data deletion needs to be executed. Since Excel cannot delete everything from the several tabs and pages open, automating this process can be worthwhile.
The final item to reconsider when thinking about using Excel is to think about what would happen if the GDPR officer quits. It can mean that their way of using Excel for GDPR disappears entirely. Suddenly, the overview of all the websites of the company is lost. This would mean that the next GDPR officer has to start from scratch. Not only will this take time, but human errors can be made in the process which can lead to data breaches.
Excel is good, but not fantastic
While Excel is a fantastic program for calculations and schemes, it is not a specialized tool for GDPR compliance. It lacks features such as data mapping, consent management, and data subject access requests handling. If your company has a small number of websites to check, this might be doable. Yet, as the number of websites grow, you will find yourself unable to keep track of all the websites and the CMPs on these websites. Besides automating tasks, the specialized software offers better security and privacy features. So, with investing in automation software you are not only saving a lot of time, you are also investing in better security features that will help you to avoid data breaches and gives you a competitive advantage over your competitors. This, on its own, helps you to avoid hefty fines and any brand damage to your company.
Excel can help you out in the short run, but as your website portfolio grows it can be increasingly more difficult to manage in the long run. Not only do you have to check whether all your websites have a Cookie Management Platform, you also have to check for the several other factors which make your website GDPR compliant. That is where Nixon Digital kicks in. The Nixon platform gives you a clear insight into your digital landscape. How much websites you have, whether they have the right SSL certificates, and more.