GDPR and a history of regulation-driven innovation

In a series of blog posts, the ‘Coach’ offers recommendations on how to get businesses into shape so they can thrive in the new data era.

It’s tempting to view the EU’s General Data Protection Regulation (GDPR) as burdensome and bureaucratic. In truth, if handled well, GDPR compliance could bring about an era of data-driven innovation for your business.

The introduction of the GDPR is a huge competitive opportunity, if it inspires organizations to adopt unified information governance as part of a core strategy. The regulation can also be used as a framework for business transformation (this is what IBM did) by providing insights about what personal data businesses hold and how it can be used in a way that can help to build trust with individuals.

There is a long history of new laws and regulations creating competitive opportunities and driving innovation in industries such as finance and healthcare.

Financial services

The UK Open Banking initiative is an example of a regulation that has driven innovation. It requires banks to allow customers to share their data with other banks and third parties, ultimately providing customers with a richer and more efficient way of handling money. This has caused banks to up their game and become more customer focused.

US banking regulations requiring increased scrutiny of transactions, lending and business practices have also contributed toinnovation in analytics products for countering fraud. Technological progress has been driven in important areas such as identifying suspicious transactions, defending against online fraud threats and compliance. According to the article, customers report having greater trust in their banks, which they feel are now better protected against criminals.


In the United States, fines are imposed on hospitals with high rates of readmission or high rates of preventable, adverse events such as falls or hospital-acquired infections. To help avoid such fines, hospitals have been developing advanced, predictive clinical analytics solutions.

“The coach’s take: “Business is fueled by change and the opportunities it unleashes.”

A new future

Like the companies that embraced regulation and new opportunities for innovation in the past, organizations complying with GDPR’s data protection principles can bring many benefits.

By demanding that businesses build stronger risk-management and audit capabilities, organizations can shape new attitudes and workers can gain new skills. For example, investments in technology driven by GDPR are likely to significantly augment data collection and analytics capabilities. An enhanced, enterprise-wide view of your business and customers could result, helping you proactively avoid potential problems and identify new opportunities.

Adhering to regulations now will position you to gain the trust and confidence of your customers and employees into the future. The long-term business value this could bring shouldn’t be underestimated.

The big turning point

The control large companies have over individuals’ data is under scrutiny across the world. It’s hard to predict whether regulations protecting the personal data rights of individuals will be augmented even further in the future. Certainly, the value individuals attribute to having their personal data protected is likely to rise.

Businesses that take the initiative to go above and beyond GDPR, striving to recognize their customers’ rights, will help differentiate them from competitors in the present. Moving forward, they’ll be well positioned to adapt to any increased public appetite for even greater control over personal data.

For more from the ‘Coach’ take a look at the rest of this GDPR series.

Notice: Clients are responsible for ensuring their own compliance with various laws and regulations, including the European Union General Data Protection Regulation. Clients are solely responsible for obtaining advice of competent legal counsel as to the identification and interpretation of any relevant laws and regulations that may affect the clients’ business and any actions the clients may need to take to comply with such laws and regulations. The products, services, and other capabilities described herein are not suitable for all client situations and may have restricted availability. IBM does not provide legal, accounting or auditing advice or represent or warrant that its services or products will ensure that clients are in compliance with any law or regulation.