• Home
  • >
  • Christine Andrews, Director, DQM GRC

Christine Andrews, Director, DQM GRC

Path to power

I started life in BT’s customer communications team, intending to stay for about two years, but ending up doing 11 years, working in advertising, marketing and sales, mostly for SMEs. I then moved to Cable & Wireless to develop the company’s attack on the SME market, working in sales and marketing before running contact centres globally for all enterprises, with board member responsibility for CRM. 


Tired of travelling and leaving my family (twins then aged eight), I changed tack in 2003 and became a shareholder and director in a four-person data protection and data management business, which became DQM Group and then DQM GRC. 


DQM GRC was one of the first companies to recognise data as a valuable business asset that needs protecting before it can become an essential asset for driving business potential. Our consistent approach to delivering pragmatic data privacy solutions has ensured we now operate globally, supporting many medium and large scale organisations to ensure they avoid becoming data privacy disasters and become data driven.


What is the proudest achievement of your career to date?

In the last few years, finally seeing data protection recognised as an important boardroom issue with the introduction of the GDPR/Data Protection Act 2018. Having spent the past 16 years talking (largely to deaf ears) about its importance, it’s great to see traction at last in all companies and, for the most part, companies recognising that data protection is a long term commitment and not just a flash in the pan. It has also been massively rewarding to develop solutions and provide support to our clients which has helped them to embrace data protection by design and default.


Who is your role model or the person you look to for inspiration?

Having spent 2019 helping boards and senior managers recognise the importance of data privacy by design – and realising this is the core of a company’s privacy programme – I’d have to say Dr Ann Cavoukian, whose privacy ideas back in the 1990s are even more important today.


Did 2019 turn out the way you expected? If not, in what ways was it different?

Not really. For those of us in data protection consultancies, 2019 should have been a year of consolidation in terms of ensuring data protection remains a focus for all companies and not something to be forgotten post May 2018. 


The degree of enforcement action in the UK – whilst welcome in terms of highlighting large scale breaches such as BA and Marriott Hotels – didn’t help to keep data privacy as a boardroom issue. Too many companies saw it as a “one and done” exercise. The lack of data protection fines for SMEs (save some for PECR) meant it has slipped in focus. 


What do you expect 2020 to be like for the data and analytics industry?

Challenging. The enforcement actions against Facebook and Google will mean companies may need to better examine their whole approach to adtech, cookies and consent. Without some of the capabilities previously used extensively by analysts, other approaches to website analytics will be required. From a first party data perspective, marketers will have to work harder for the engagement they want from their customers. 


Companies recognised while they can legitimately market to their customers, there needs to be a “relationship” – which means sending emails and texts to people who were customers 12 months ago but have not bought since should be done with care. 


Data and technology are changing business, the economy and society – what do you see as the biggest opportunity emerging from this?

The increased use of AI across all areas of business, provided consumers’ privacy is respected. Examples such as Google’s DeepMind, and the various NHS Trusts who shared data, shows both the benefits and pitfalls of large-scale data sharing and the need to ensure there is complete transparency, particularly where sensitive data is involved. 


What is the biggest tech challenge your clients face in ensuring data is at the heart of their digital transformation strategy?

Ensuring developers respect the need for data protection by design and default. Typically, this means ensuring tech teams realise that data needs to be handled with care and that any transformation considers the key principles of data minimisation and anonymization, and recognises the importance of data security.

Christine Andrews
has been included in:
  • 100 Enablers 2019 (EMEA)
  • 100 Enablers 2020 (EMEA)