The GDPR (General Data Protection Regulation) will apply in the UK from 25 May 2018 onwards. It will introduce a new legal framework in the EU in regards to data protection as well as new requirements that UK businesses must adhere to.
The UK, on 23 June 2016, voted to leave the European Union in a process colloquially referred to as Brexit. There was some speculation around the decision and whether or not the new data regulation would still apply if the UK was leaving the EU. However, the government has confirmed that the decision to leave the EU will not affect the application of the GDPR in the UK. Therefore, businesses must begin preparations in order to meet the GDPR’s requirements.
Key aspects of the GDPR include the enforcement of large fines for data breaches, updated regulations on the collection of personal data and obtaining valid consent for the use of any data collected. Some businesses across the UK may also be required to appoint a Data Protection Officer.
In order to meet the requirements of the GDPR, your business should be educated on how the new rules will apply to you and ensuring that you are in a compliant position. Your business should assess your current data including where it is stored, how it is accessed and who accesses it and gain a broader understanding of the GDPR as a whole. Considering new appointments and new technologies to help you get into, or remain in a compliant position can only effectively take place once the business is educated.
It is also extremely important to educate your entire team as meeting the requirements of the GDPR may depend on various people within your business. For your business to immediately begin complying with the GDPR, it will be useful for each member of your team to have an understanding of the changes. Consider the level of understanding that each team member will need based on their role and a training plan can be put in place.
Here’s a link to an overview of the GDPR so you can start building your knowledge of what the GDPR is and what it means for you: https://ico.org.uk/for-organisations/data-protection-reform/overview-of-the-gdpr/
Managing Data Breaches:
The GDPR outlines stricter rules for how a business should respond to unauthorised access to sensitive or confidential data. Businesses are required to report any data breaches to the ICO, the government body responsible for data protection and the individual affected by the breach. If businesses work to implement processes to identify and manage breaches in advance, if a breach occurs, it will far easier to deal with.
Opt-In vs Opt-Out:
Under the new rules of the GDPR, people will need to ‘opt in’ to communications and receiving information from your business or third parties rather than ‘opting out’. Currently, many businesses have an ‘opt out’ button or link that people can use if they no longer want to receive information as opposed to an ‘opt in’ option. This means some businesses have data, bought or built that have not ‘opted in’ of their own accord but rather have the option to ‘opt out’. This will no longer be possible under the GDPR and businesses should start looking at how to incorporate an ‘opt in’ procedure.
GDPR Conference 2017:
For businesses interested in learning more about the GDPR and the various aspects of it should consider attending the GDPR Conference on 27 April 2017. Click here to learn more: http://www.gdprconference.eu/
If the process of updating or collecting compliant data is a burden your company would prefer not to shoulder, Mayday Marketing can help. We regularly collect and store compliant data for our clients, ensuring that GDPR is adhered to as well as protecting client confidentiality through non-disclosure agreements. Understanding the progressive move towards greater compliance, it makes sense to start collecting or cleansing your data now and to set up a continuous management programme so that you can continue to reap the benefits of marketing to your subscribers. Our lead generation campaigns through email marketing and Facebook advertising provide cost effective methods for lead capture. Regular campaigns encourage brand loyalty and provide opportunities to evaluate and keep data current and compliant. To take advantage of our knowledge and processes for compliant data capture, contact Mayday Marketing on 01380 888033.