by Dave Fuller
Estimated Reading Time: 3 minutes
In the modern world, brands and organisations offer more targeted products and services than ever before. Whilst there are many benefits to the consumer, there are many ethical questions asked when personal data is in the hands of profiteering businesses.
Data laws needed to change, but like in most industries the information and terms which are discussed are highly technical (guilty as charged, sorry) and often sensationalist. So, we thought it’s only reasonable to give you a simple guide explaining the new regulations and how this is likely to impact your business.
So what is it?
On 25th May 2018, the General Data Protection Regulation (GDPR) is to be enforced throughout Europe, and yes, this includes the UK. GDPR aims to give European citizens control over their data creating a consistent set of enforced rules across the continent.
Why should I care?
Despite GDPR originating from Europe, this law will have a global impact affecting all businesses holding personal data on customers and employees located within the EU. Businesses need to be preparing for the change as soon as possible because, if ignored, they can be fined up to €20m or 4% of their global annual turnover.
Aside from the expensive penalties, it’s worth understanding that data protection is about more than compliance. Businesses publicly shamed for losing private customer information will experience significant damage to their reputation. It makes good business sense to demonstrate that you understand this cultural aspect, as well as the financial one.
Show me the rules
The rules are very complex and get very technical (sorry). It’s important to not be overwhelmed by them or see the GDPR as your enemy, building the rules into your organisational culture rather than being enslaved by them will help you manage and secure your data more effectively.
The rules can be broken down into the following 6 areas:
- Understand what you have, and why
- Approach the management of your data in a sensible structured way
- Document who is responsible for it
- Encrypt data you wouldn’t want to be disclosed
- Promote a security aware culture at every level of your business
- Be prepared – Hope for the best, expect the worst
What does it mean for your clients?
Many consumers may not always be aware of the law, many will notice some differences in how businesses communicate with them. Consumer rights will be upheld and publicised, news about data breaches will travel faster as the naming and shaming begins.
In our opinion this is a great opportunity for businesses to think about how they embed data protection into the company’s day-to-day culture. This is an ideal time to assess your businesses understanding of data protection and to create a plan for a smooth transition to the new structures and processes necessary for effective compliance to the GDPR. Accent works with large and small businesses with support and advice to ensure successful changes to the way organisations work. Talk to us about how we can help your business get ready for GDPR.
Armed with a BA Hons Arts Degrees and decades of experience as a Web Developer, Dave manages all aspects of Web Design and Software Development at Accent and is also our technical guru.