IoD Hertfordshire: Is Your Business Ready For The GDPR
On the 25th April 2018, exactly a month before the GDPR legislation comes into effect, IoD Hertfordshire met at the Aubrey Park Hotel in Redbourn, St Albans. Speaking at the event were Richard McBarnet Interim Chair of IoD Herts and Andrew Scheer, IoD Herts Marketing Ambassador.
GDPR applies to all data we already hold and using a cloud server does not absolve you. Richard advised that GDPR is not a box ticking exercise, it is a cultural approach to managing data and we have to start thinking very differently about how we handle data. 48% of people intend to use their rights under GDPR.
- Be upfront about what you doing with the data
- Only collect data you need
- Processed in a manner that ensures the security of personal data
Andrew Scheer went on to give the marketing perspective which he says is a slightly grey area
- Opt out has been reversed, we now need permission to opt-in
- We can’t make consent a condition of purchase
Richard went on to say that you need to be able to demonstrate due diligence and fines will be dissuasive rather than punitive.
- Have a plan
- Know where and what your data is
- Draft your policy statement
- Draft procedures for reporting
- Train your staff
- Encrypt everything
If companies fail to adhere to GDPR legislation it could ultimately result in an inability to bid for contracts and an inability to market effectively.
More info & articles on GDPR