How to build the business case for privacy

Passion for doing the right thing is a great start with privacy. But spreading the word and implementing privacy compliance often requires something more – money. Here are five tips on making the business case for true privacy compliance and getting the budget you need. 

By Nigel Jones

Co Founder of The Privacy Compliance Hub

September 2022

1. Be clear on the benefits

Investment in privacy compliance is exactly that – an investment. Shape the argument so your superiors or the budget holder understands that spending money on good privacy compliance is much more than just a cost. You might argue that customers are increasingly privacy-conscious and are more likely to spend with businesses that treat their sensitive data with the care, respect and security they deserve. That investors look at privacy as a ‘tell’ on whether a business is well-run – if privacy is taken care of then the chances are other elements of the business are in order too. Or that investment in good privacy practices – and demonstrable compliance – reduces the risk of breaches, eye-watering fines and an exodus of disgruntled customers. 

2. And be clear on the costs

Everyone likes certainty; particularly the money men and women. Good privacy compliance requires an ongoing investment of both time and money. Quantifying both makes a budget request more compelling and helps ensure the business can plan financially. Any good privacy consultant or service provider, including ourselves, will be clear on costs and how much time is required to reach compliance. They’ll help you make the case for adequate investment, and will show a clear path to how those funds will ultimately save your business time, money and worry. 

Answer our GDPR compliance checklist questions and we will email you an objective, personalised audit report within minutes, completely free of charge.

Get your audit

3. Don’t be embarrassed

Asking for money isn’t easy for everyone. But some people, notably those in sales, aren’t phased by asking for their share of the budget. This is because they ask in the right way, with a mixture of politeness, persuasion and by offering a clear picture of how an investment will benefit the investor. They believe what they are doing is right, and are prepared to defend their price or costs because they believe the solution justifies its initial price tag. Others look at context. What does good privacy compliance cost in relation to an overall IT or marketing budget? There’s no reason for legal or compliance teams to be shy about asking for a privacy budget, especially when considering what else the business spends (and for what reasons). In practice, privacy compliance is likely to be a minuscule part of overall company expenditure. Never be embarrassed! Think of the business case as a solution – and sell it internally as such.

4. Remember – this is about respect

If you’ve been given responsibility for managing privacy, you deserve to be supported to do that job in the best way possible. Investment in privacy shows that a business respects its customers and staff, as it is trying to do the right thing by them. And it shows respect for your judgement that you’ve found the right solution to help you build a culture of continuous privacy compliance.

If you want more practical content like this article, please click below to sign up for our monthly newsletter.

Sign up now

5. Demonstrate alternatives and examples

Show you’ve done your homework by explaining you have investigated alternatives, including pros and cons, plus the potential financial and reputational risks of not getting this right. Our helpful article about different types of privacy solutions may be of assistance here. But the internet is also awash with news about large fines for businesses that didn’t prioritise privacy — you might even be able to find examples from your own business sector. You could even use our free 10-minute privacy health check to demonstrate where the organisation currently stands on privacy. If possible, break down costs for each employee to make the investment more palatable. The Privacy Compliance Hub, for example, can work out as little as £31 per employee per year. A bargain when you consider the potential consequences of getting privacy wrong. 

If you want to do the right thing on privacy but are worried about asking for funds or resources, speak to our team. We believe in what we do, we’re comfortable in the benefits that we provide, and we’re in your corner when it comes to making the case to your colleagues.

More to watch and read