Uncertainty about data protection issues
Rather, the hurdles lie at the implementation level. Data protection and IT security requirements are at the top of the list, at 62% and 56% respectively. The General Data Protection Regulation protects customer data, but also obliges companies to protect their data from unauthorized access. Both are of great importance, but the relevant regulations can be confusing and opaque for those responsible. In particular, smaller companies without their own legal department can have problems navigating the regulations. The fear of not meeting the legal requirements for data protection becomes a hurdle for a digital way of working. This starts with data protection declarations on the company's own websites. Templates can be partially adopted here if necessary, but it requires a certain degree of expertise to be able to safely assess which parts are suitable for one's own company. (More on data protection and GDPR here.)
IT security then presents the next problem. For one thing, the first step here would be to know about possible dangers in the first place. Secondly, precautions would have to be taken against security risks once they have been identified, and various protective measures would have to be taken. This requires specialist knowledge that, in the worst case, no one in an SME has. As a result, a patchwork quilt of half-baked digitization measures is often left to fend for themselves.
Decide and participate
Another problem is, not surprisingly, the human factor. At the planning level, insufficient know-how about the possibilities and requirements of digitalization means that no appropriate decisions are made or digitalization projects remain vague and no concrete goals are defined. In addition, lengthy processes and a lack of willingness to make decisions at the highest level can hamper progress. A lack of requirements from the top management thus represented a hurdle for 30% of companies interviewed in the aforementioned survey. Without a strategy, it is not possible to implement the change.
Getting employees on board
A lack of acceptance of digitization measures among the workforce can be another problematic factor. In Part 1 on this topic, we showed that employee involvement is essential for the digitization process in the company. The workforce must be involved in order to meet the demands of everyday work when designing digitized processes. The feeling that decisions are being made over one's own head, or even to one's own disadvantage in practice, can understandably lead to frustration and an aversion to the entire process. To avoid this, input from employees should be encouraged and taken seriously. If those who are ultimately expected to work in digitized processes reject them, the project has little chance of success.
In order not only to cultivate the right mindset, but also to prepare the workforce practically for new requirements, employee training courses should be organized. Here, awareness should be raised for general aspects of IT security (e.g., careful handling of passwords and sensitive data), but ideally new programs should also be introduced in detail. After all, the functionality of the new data management tool may not be immediately obvious to everyone. And if, in the end, no one knows how to use it, nothing will be gained from the expensive new software.