Implementing European Data Privacy Standards In Laws And Aligning A CRM System With Strategic Objectives Is Crucial.

Tesco management with CRM system

Discuss about the European Data Privacy Standards Implemented In Laws.

Now that Tesco has a CRM it stands a better chance to implement a differentiated pricing strategy which has to be built on detailed information regarding price elasticity which the management did not possess before. As a result, Tesco will then be in the position to classify its customers by customizing mailings and discounts which can support it produce more sales through the identification of new good to intensify their offerings.  

With the introduction of the CRM system is that Tesco can make use of a frequent-shopper card which allows customers to gain discounts during the time of making purchases and at the same time the business gets information regarding their buyer. Consequently, this creates a detailed database of the client’s preferences.   

The CRM process applies the strategy of including all interactions between the business and its customers. Thus, this touch points increases the data repository of its customers such that it gets access to their personal information; like phones number and address, purchased goods, their latest transactions as well as any complaints raised. Once the business has all these information in place, it helps them to maintain constructive relations between the business and the client.

Yes. Indeed the value is sustainable over time because once the business has access to its customer’s address, it becomes possible to support and maintain a long-lasting positive relationship with the customer. 

The usage of CRM is beneficial to the consumer since it comprises discounts and coupons which are likely to be targeted by the distinct preferences. Therefore, instead of customers getting blasted with sales announcements that are not related to their preferences, the use of CRM system is a friendly change. Logically both Tesco, as well as its clients, stand to benefit from this new system.    

Shown following is a diagram from ITIL that describes how IT moves from technology to business focus. Compare this view to the model shown in Chapter 8, figure 8.1 and the list of IT activities that the textbook shows as being the responsibility of IT.

The has to be changed in the role of the management of IT in that for the model involving service desk, event management, incident management, proactive problem management, and supplies or contractor whereby after problem detection the next and immediate step should be problem investigation and diagnosis and not problem login. The reason being that after detecting a problem, what has to follow is to investigate the problem so that to be in a better position to understand what this problem is all about which is referred to as problem diagnosis. Therefore, the towed model can be reconciled such that certain events can be merged into

Benefits of CRM system

The infrastructure investments are higher for a firm with agility focus unlike the cost focus firm because there are lesser direct cost savings outcomes from infrastructure investments. Accordingly, firms with a cost focus demand an instant payoff. Similarly, transactions, as well as information investments, are lower for an agility-focused on firms for a similar reason. There are no obvious reasons that strategic investments are the same for the two types of firms. Perhaps infrastructure is the primary source of significance for an agility-focused corporation. Therefore, strategic investments are spread across the two classes of such a firm.

Infrastructure investment is greater for a firm with an agility focus as compared to a cost-centered because there are lesser direct cost-savings outcomes from infrastructure investments. Corporations with a cost focus have to have an immediate payoff. On the same note, informational and transactional investments are lowering for an agility-centered corporation which means a firm that is focused on higher for a cost for a similar reason. Indeed, there is no apparent reason that strategic investments are the same as for the three firms. Maybe if the infrastructure is the core source of advantage for an agility-centered corporation, thus there is no strategic investments that are spread across the three categories of such a given corporation.

1. What governance approach did John Deere appear to have adopted? Did it fit the profile of an “old” heavy industry player?

John Deere adopted an ecosystem type of governance for most of the MyJohndeere platform. By opening the system to gain access by not only employees and customers, but also farmers, government workers, ranches, and landowners, thus all these players can create their individual application for analysis of the data in real-time. The core advantage with this latest structure is its IT capacity being in the position to meet the users’ requirements in a better way that they could not be able to gain before. With the opening of the platform, other players enjoy the benefit in synergies with other players.  

2. What difficulties do you think an “old” heavy industry player such as John Deere encounter internally when proposing to develop the MyJohnDeere platform?

There is no data in the case to suggest what exactly happened, however, it is simple to imagine that some managers at the company may have been more used to a proprietary method that valued data being held “üp its sleeves” or “close to the vest”

3. What difficulties do you believe John Deere faced externally among the proposed users?

There is small information to suggest what exactly occurred, but it is simpler to imagine that consumers could not be able to understand what was being offered and why they are supposed to do to change their operations.  

4. How do you think John Deere might have overcome those internal and external difficulties?

Internally, it is possible that the scenario required to be reviewed to ascertain that the given data could not provide competitors with an upper hand or give suppliers as well as customers with extra power.

CRM process and its advantages

Externally, John Deere might require to offer a significant marketing materials to show the benefit as well as opportunities MyJohnDeere would likely offer.

5. What other parties might have been interested in obtaining the information in John Deere’s cloud? What might they have done with it?

It is more probable that the rivals are likely to be interested in the same information, to increase their power in the marketplace. Additionally, prospect clients are likely to be in need of tracking cost as well as productivity enhancements by the present customers to approximate the efficiency of the platform.

Vertical integration is a commercial strategy that corporations integrate either two or more processes in the production procedure to work much more efficiently and effective while outsourcing is the transfer of part of the work to a third party. In other words, vertical integration is the merging of two or more companies while outsourcing is the process of providing business to another party that is specialized in undertaking the business.  

Certainly, both outsourcing and vertical integration are a form of strategic practices of businesses that are taken as part of the competitive business advantage. Both outsourcing and vertical strategic activities complement for the competitive strategy of a business since it supports the corporation in increasing the returns and lowering on the expenses. Furthermore, these practices enhance the business effectiveness as well as efficiency regarding production processes, therefore, intensifying the competitiveness which aids in having a competitive edge over competitors.

The European Union will introduce “General Data Protection Regulations (GDPR)” on 25/05/2018. You are required to complete the following tasks:

The European Union General Data Protection Regulation (GDPR) includes some latest data protection requisitions which commenced being applied on 25 May 2018. The core target of these data regulations is to make sure that there is harmony between data protection rules across the EU as well as acting as a substitute for the national data protection laws. Accordingly, the establishment of clear, and universal data protection rules is because it intends to construct a legal certainty for business. Thus, the primary objective of this data protection is to ensure that consumers are safeguarded in their online service transactions. Consequently, some of the Australian businesses that are insured by the Australian Privacy Act 1998 (Cth) the Privacy Act referred to as APP will be required to adhere to the following DGPR is they have to possess an establishment in the EU in spite of whether they are in possession of personal data in the European Union or them have no investment in the EU but provides services and products or even monitor the conduct of individuals in the EU. As a result, these privacy laws involves certain similar necessities. For example, both laws advocates for transparent handling of information activities as well as businesses responsibilities, with the intention to provide people confidence in their privacy protection. Similarly, both laws demand that business should implement measures that see to it that they adhere to the set-out privacy principles by taking the privacy design technique to compliance. In case of a data breach, notification is needed under some instances in the GDPR as well as under the Privacy Act. Furthermore, privacy influence evaluation allowed under some instances in the GDPR is expected in the same situation in Australia. On the same note, both laws are neutral in terms of technology, which preserve their relevance in addition to adaptability in the setting of continuously changing and evolving technologies.

Infrastructure, transactional and informational investments

GDPR applies on all data processing undertakings of businesses regardless of their size, controllers or data processors while the Australian Privacy Act applied on a majority of the government agencies all private sector as well as non-profit making companies that have a yearly turnover of over $3 million. It also applied to all health service fenders and certain small businesses. 

The GDPR applied to personal data that is any information that is related to an identified or identifiable natural person: Art 4(1), on the other hand, Australian Privacy Act applied on personal information (PI) like views on an identifiable person.

In general the GDPR controllers have to ensure that they implement appropriate organizational as well as technical measures as a demonstration of its compliance, which has to be built in privacy by design and default according to Art 5, 24 and 25, while the Australian Privacy Act it is the responsibility of the APP entities to make reasonable steps to see to it that they implement practices, processes as well as systems to make sure they comply with the APPs and to enable complaints according to APP 1.2. As a result, businesses are required to appoint major roles as well as responsibilities for the management of privacy and undertaking of privacy evaluation for numerous updated and new projects. 

In the case of overseas transfer GDPR laws demand that personal data be transferred outside the EU under restricted condition such as to nations which offer enough data protection level, the standard of data protection clauses are binding to the corporate regulations and that they have to have certified codes of conduct whereas the Australian Privacy Act demands that that before unmasking PI overseas, a business has to take reasonable steps by ensuring that the recipient can breach the APPs in regard to the information. Also, this privacy act demands that the business entity will be accountable for any form of breach of the APPs by the overseas recipient in connection with the information.    

Accordingly, the EU-US Privacy Shield is established to be one of the latest lawful frameworks for the transatlantic flows that operate as a replacement for the Safe Harbor agreement. The core intention of this new framework is to safeguard the essential rights of European people through which their data is transferred to the U.S. as a way to make sure that legal there is a lawful business certainty. As a result of the EU-US Privacy Shield it brings the following effects:

• It ensures that it is the responsibility of all-powerful corporations located in the United States to see to it that they protect the individual data of the European people.To attain this these businesses have to strongly watch over and enforce tough laws and this task has been left in the hands of the U.S. Department of Commerce and Federal Trade Commission.
• The gain of access to individual information being transferred under the novel organization of public administrations on the United States has been scheduled to be a subject of clear state, restrictions as well as oversight which prevents the general access.
• It also raised the fine amounts for breaches of the GDPR to four percent of the yearly international turnover which is equivalent to 20 million Euros
• Accordingly, a “Privacy by design” provision demands that data protection has to be designed into business services whereby measures have to be undertaken to protect data from the start of the client involvement.
• The GDPR goals are to hold businesses responsible for their data activities thus the introduction of such new accountabilities as the requirement for data protection guidelines affects their assessment.With regard to data security front which is extensively a detailed necessity has been launched to impose on vendors acting as processors where in case of a data breach it has to be notified within seventy-two hours.
• GDPR demands that international corporations operating across the EU shall be required to appoint independent Data Protection Officials. Indeed, this is a challenging responsibility that targets to accomplish the given breath of knowledge that needs to be controlled by both information Technology systems as well as familiar with the lawful features of the GDPR.
• “Rights to erasure” states that persons have been significantly reinforced rights which consists of the rights to access to their data, erasure, and rectification and can also object to processing.
• The GDPR also has restrictions on international data conveyance. Both controllers and processors can only convey data external to the boundaries of EU if they have put in place the required privacies and if the persons have enforceable rights as well as lawful remedies.As a result, the GDPR has helpfully expanded a range of options exist to legitimize the transfers such as binding company laws, an approved code of conduct, and standard contractual clauses adoptions by the commissions among others.

MyJohnDeere platform

Greenleaf, Graham. "‘European data Privacy Standards Implemented in Laws outside Europe." (2017).

Huang, Kuang-Chiu, and Jung-Fang Hsu. "Balance between Privacy Protecting and Selling User Data of Wearable Devices." (2017).

Chua, Hui Na, Anthony Herbland, Siew Fan Wong, and Younghoon Chang. "Compliance with personal data protection principles: A study of how organizations frame privacy policy notices." Telematics and Informatics 34, no. 4 (2017): 157-170.

Team, ITGP Privacy. EU General Data Protection Regulation (GDPR): An Implementation and Compliance Guide. IT Governance Ltd, 2017.

Da Veiga, Adele. "The Influence of Data Protection Regulation on the Information Security Culture of an Organisation-A Case Study Comparing Legislation and Offices across Jurisdictions." (2017).

Hijmans, Hielke. "The Transatlantic Trade and Investment Partnership and the Developments in the Area of Privacy and Data Protection." Legal Issues of Economic Integration 43, no. 4 (2016): 385-398.

Grover, Varun, Roger HL Chiang, Ting-Peng Liang, and Dongsong Zhang. "Creating Strategic Business Value from Big Data Analytics: A Research Framework." Journal of Management Information Systems 35, no. 2 (2018): 388-423.

Pearlson, Keri E., Carol S. Saunders, and Dennis F. Galletta. Managing and Using Information Systems, Binder Ready Version: A Strategic Approach. John Wiley & Sons, 2016.

Gunasekaran, Angappa, Nachiappan Subramanian, and Thanos Papadopoulos. "Information technology for competitive advantage within logistics and supply chains: A review." Transportation Research Part E: Logistics and Transportation Review 99 (2017): 14-33.

Fink, Lior, Nir Yogev, and Adir Even. "Business intelligence and organizational learning: An empirical investigation of value creation processes." Information & Management 54, no. 1 (2017): 38-56.

Hill, Charles WL, Gareth R. Jones, and Melissa A. Schilling. Strategic management: theory: an integrated approach. Cengage Learning, 2014.

Rothaermel, Frank T. Strategic management. McGraw-Hill Education, 2015.

Rai, Arun, Ilgaz Arikan, Jessica Pye, and Amrit Tiwana. "Fit and Misfit of Plural Sourcing Strategies and IT-Enabled Process Integration Capabilities: Consequences of Firm Performance in the US Electric Utility Industry." Mis Quarterly39, no. 4 (2015): 865-885.

Weiss, Martin A., and Kristin Archick. "US-EU data privacy: from safe harbor to privacy shield." (2016).

Sotto, Lisa J., and Christopher D. Hydak. "The EU-US Privacy Shield: A How-To Guide." Law360 (2016): 1-4.

Deckelboim, Sherri J. "Consumer Privacy on an International Scale: Conflicting Viewpoints Underlying the EU-US Privacy Shield Framework and How the Framework Will Impact Privacy Advocates, National Security, and Businesses." Geo. J. Int'l L. 48 (2016): 263.

Dimitrova, Anna, and Maja Brkan. "Balancing National Security and Data Protection: The Role of EU and US Policy?Makers and Courts before and after the NSA Affair." JCMS: Journal of Common Market Studies 56, no. 4 (2018): 751-767.

Townend, Judith. "Data protection and the ‘right to be forgotten in practice: a UK perspective." International Journal of Legal Information 45, no. 1 (2017): 28-33.

Jia, Fu, Guido Orzes, Marco Sartor, and Guido Nassimbeni. "Global sourcing strategy and structure: towards a conceptual framework." International Journal of Operations & Production Management 37, no. 7 (2017): 840-864.

Creon, Myun J., Varun Grover, and James TC Teng. "Theoretical perspectives on the outsourcing of information systems." In Outsourcing and Offshoring Business Services, pp. 25-52. Palgrave Macmillan, Cham, 2017.