Connecting the Dots between Compliance and Data for Surplus Assets and Inventory

When it comes to Big Data and the possession of personal data, it is important to understand the notice and consent that was obtained with collection and what is allowed by the relevant laws that apply when it comes to use of data. CIOs and CCOs need to work closely together to assess the types of data possessed, how it is intended to be used, what consents are required for that use, and ultimately, design a strategy and process to achieve its goals.

Regulation of Data

The proliferation of regulation around data is an upward trend around the world, and shows no sign of slowing. The laws on data privacy vary from country to country and from state to state. For instance, the Personal Information Protection and Electronic Documents Act (PIPEDA) in Canada sets out protections for personal information, stating that companies can “collect, use or disclose your personal information by fair and lawful means, with your consent, and only for purposes that are stated and reasonable.” At the same time, the laws passed often address yesterday’s ideas. Managing the tension between the fast pace of imagination for how data can be utilized and the slow pace of regulators to react to changes—is a challenge for companies and governments alike. In fact, the European Union (EU) is circulating a draft of a new Privacy Directive that places more focus on use of the internet and the cloud, innovations that have been widely used for years, and contains stricter penalties for violations.

“Organizations need to understand who owns data and the regulations surrounding it in order to successfully innovate across their supply chain, and then consider compliance as a primary factor”

These changing regulations point to a blind spot when it comes to surplus asset management and sales. Compliance teams at companies are often focused on compliance specifically for their industry and the changes in laws for data privacy in areas, such as the reverse supply chain, are not accounted for in their larger planning and goal setting. The impetus then falls on the vendor managing surplus assets and inventory to provide clients with guidance, and to red flag any potential issues around data privacy. However, if the vendor does not have the expertise or resources, then compliance issues can surface. Choosing a provider with a compliance officer who can counsel clients on these matters is paramount to ensure adherence with the relevant laws.

Conclusion

Big Data has changed the way companies do business, and elevated the role of the CIO. However, dealing with this valuable asset is highly complicated and becoming more so every day. Compliance is at the forefront of executive management for leading companies, and many companies have invested significant resources to manage this issue for their respective industry. In order to achieve strategic goals across the organization, companies have to also account for the potential risk factors—including data privacy—across their total supply chain. The reverse supply chain holds value for companies who leverage the expertise of a trusted vendor to increase recovery value and benefit from sustainability, but it can also present issues if companies are not mindful about compliance in this area. How a company’s reverse supply chain partner collects and uses data can create liability. By partnering with a provider that has compliance resources to support the company through planning for its surplus, organizations can better leverage its data while enhancing value and truly innovating their reverse supply chain.