The Data Protection Act (DPA) will soon be replaced with a new General Data Protection Regulation (GDPR). This will come into effect from 25 May 2018 and surveys to date indicate a woeful lack of awareness and readiness for the impact of this regulation.

The GDPR will significantly expand the scope and reach of data protection going forward. This means that most companies cannot rely on their Legal and Security officers to champion DPA compliance and safeguard personal data processed by the company (and 3rd parties). Going forward, companies need to embrace data protection as a core competence as the reputational risks and regulatory fines can put you out of business.

GDPR introduces an Accountability Principle that makes the data controller (your company) responsible for demonstrating compliance and for notifying the authorities of any breeches. This means that data protection changes from a reactive tick-box approach to a proactive business-critical approach.

Going back to basics, we used the Information Commissioner's questions to check people's current understanding of personal data. We gave a number of examples and asked for personal data to be identified, e.g. car number plate, business contact, conference attendee, blog post comment, email address, group photo from sports club, blood test results. 

We received a range of different responses and concluded that it is very difficult to correctly identify when data is personal. The reason for this difficulty is that under GDPR, the correct interpretation depends on the specific context for the data. Most employees would want to be told in clear and simple terms what data falls within GDPR, but that will not be possible. Instead, we suggest that you treat all data with the same protection as personal data and make exceptions for data that is confirmed as non-personal. Note that non-personal data can become personal data if the context changes or new data is added to existing data.

We are pleased to announce that Caleidoscope Associates have been approved as a supplier of Cloud Support Services by the Crown Commercial Services.
This means that UK Government Departments have easier access to our 'Digital Transformation' and 'Faster Projects' services via the Digital Marketplace (aka G-Cloud 9).
We look forward to assisting with the digital transformation of public services.
​Link to Digital Marketplace

Across different industry sectors and country borders, organisations are embracing DIGITAL TRANSFORMATION. Whatever your progress on digital initiatives, it is never too late to learn from others' mistakes.

A major study by MIT Sloan Management Review and CapGemini Consulting [1] identified a number of common barriers to digital transformation programmes amongst 1,500+ organizations:

1. Leadership
Lack of urgency and pace (63%) was frequently reported, though this is hardly surprising when only one third of the companies studied didn't share the digital vision openly with their staff, and made even worse where the executives were not aligned on the vision. To achieve the necessary buy-in and momentum, it is critical to establish the digital vision as part of the DNA of the organisation. This requires the value system to be updated so that everyone affected can see for themselves that the old way of doing things is now out of alignment with the new values. This helps to drive natural course-correction and can help generate a pull-force whereby people are asking for and welcoming the changes.

2. Business case
A number of companies struggled with defining a Return on Investment (ROI) for their digital transformation investment. Having difficulties with quantifying the benefits and therefore not spending enough time at the early stage to understand the benefits, this led to weak justification for the changes they wanted to make. My own experience has taught me that digital transformation can involve a lot of 'enablers' that in themselves do not offer significant measurable benefits. This can be challenging when the board is asked to approve investments with negative NPV based on boiler-plate business case models. Digital transformation may therefore include a new way of assessing business cases, e.g. new measures, new timescales.

3. Governance
Only 40% of the companies followed a formal governance model and three out of four did not have any formal KPIs to measure progress of the transformation over time. So, what is going on? Due to the wide impact of digital transformation, it may be difficult to decide where the transformation effort should sit within the organisation, who should sponsor it, and which budget pot the investment will come from. The Executive Sponsor must have full support from the Board to enable changes across functional silos and lines of accountability. Without formal programme governance established, it will be very difficult to set priorities across the organisation and to secure resource commitments against business-as-usual demands. The KPIs need not be limited to financial benefits, but should take into account other measurable benefits such as Net Promoter Scores (NPS), simplified processes, reduced hand-over points, etc. The key to measuring transformation progress is to start measurements BEFORE business changes are being implemented. Otherwise, you will not have a proper baseline to measure against. 

4. Culture & Capabilities
Unsurprisingly, digital transformation programmes met the same barriers as other major business change initiatives: lack of skills to execute the programme, conflicting priorities and resistance to change. According to McKinsey & Co, most companies are limited to 2 or 3 concurrent major change initiatives [2] and a digital transformation programme is likely to count as one of them. The fit between a digital programme and other ongoing programmes need to be carefully assessed to resolve potential issues around scope, governance, resources and priorities as part of the digital transformation planning stage.
The risk of skills shortages can be partly mitigated by bringing in external consultants, but a successful transformation team must include respected managers from the organisation to lead in different areas.
​With an openly communicated vision, a strong business case and governance framework, you have the means to manage priorities and avoid many potential conflicts. With strong leadership from the top, leading by example, this gives the confidence that staff needs in order to overcome skepticism and the natural resistance to change.

References:
[1] CapGemini: Embracing Digital Technology a New Strategic Imperative (2013)
[2] McKinsey: Finding Your Digital Sweet Spot

The road to success can seem long and winding, so it is important to pause and celebrate achievements along the way. Caleidoscope Associates have been helping customers shape and deliver projects and programmes for more than 15 years.

Our success would not have been possible without the effort and dedication of the hundreds of team members and many sponsors that we have had the pleasure of working with. Our portfolio of experience covers a variety of organisations and different challenges: From designing new products and replacing IT systems to implementing business changes and introducing new ways of working for a whole industry.

Looking back, we have identified three insights to guide us on future projects:

• ONE: Early stakeholder engagement – projects often have a wide impact and stakeholders should be identified as early as possible to validate the impact and agree how each stakeholder or stakeholder group needs to be engaged. The later that stakeholders are engaged in the project, the higher the costs to the project and the higher the risk of late changes and delays.

To succeed with projects, the project team needs to maintain focus for prolonged periods of time. They also need the resilience to overcome obstacles and handle challenges in a productive and positive way. For this to be possible, we need to take care of body and mind.

The article below has some very good points to help you and the rest of your team to achieve optimum performance.

Link to article: http://uk.businessinsider.com/bad-habits-you-should-break-to-be-more-productive-2016-1

Let us know how you get on!

According to 'Linchpin' by Seth Godin: "Optimism is the most important human trait, because it allows us to evolve our ideas, to improve our situation and to hope for a better tomorrow."

During the life of a project, many things happen: team members join and leave, budget cycles ebb and flow, internal conflicts and constraints arise, and stakeholders throw curveballs.

For the average person, these events are enough to throw them off and turn them away from the project. This is a high risk in non-project environments and can lead to sudden loss of key people.

In environments that are used to running projects, the risk is more likely to show up as battle wariness. This is when people stop showing up at project meetings, switch priority to other things and need a lot of chasing to do anything for the project.

Either way, when people lose hope for the project they will naturally turn away, switch off and disengage. This is partly to preserve energy and save time, but also to protect themselves against disappointment and to not be on a 'sinking ship'.

The project manager has a crucial role in managing the collective hope for the project. I'm not talking about blind optimism here, but maintaining a clear vision, showing the path to reach the project goal and defending the project from negative talk and unfounded rumours.
We've talk about vision in an earlier post and this explains the reason why the project exists. The path to reach the project goal is defined in detail in the project plan, though I find it useful to have a project strategy to explain how the project team will succeed despite the many challenges along the way. This strategy is key to manage hope.
When it comes to dealing with rumours and negative talk, I insist on openness and transparency within the team so that questions and concerns are addressed early and not left to fester into ill assumptions and hearsay.

Delivering projects typically involves a team of experts and potentially a large group of stakeholders. Projects can be delayed in many ways, often unintentionally but also intentionally. In Critical Chain project methodology (see 'Theory of Constraint' by Eliyahu Goldratt), a core technique is to continually search for constraints to fix in order to keep the project flowing with minimal resistance.

Data privacy is a growing challenge for #IoT and #M2M applications with concerns for abuse of personal data by companies in the #DataValueChain. Whilst the privacy around data acquired through the consumption of individual services may be covered by user agreements for each service, how will private information created from aggregated non-personal data be protected? In many instances, non-personal data can be triangulated to derive highly personal information. Should 'non-personal' data be treated as personal data? 


Non-personal data can become highly personal if augmented by contextual data. For example, your presence on the high street is probably not very personal on its own. Now augment this data with a purchase in a wine bar, followed by a taxi ride to someone's house before you arrive home. Suddenly, the combined data could become highly personal.

The data for this hypothetical scenario is already being harvested by service providers and smartphone apps such as travel maps, card and mobile payments, internet search, social apps, etc. 

How will we balance the need to provide personal data for specific service provision and prevent this data from being combined with other personal data shared for a different purpose? How can the service providers assure users of the use of personal data AND other data about the user?
According to #GigaOm, the data privacy ship left a long time ago. Is it really too late to do something constructive to safeguard personal  data?