GDPR – and we’re off!
The GDPR rocket has launched. We are now in a world where we are much more in control of our personal data.
It’s up to us to agree if we are contacted by an organisation and we call the shots on what about. With our business owner hats on, although this initial change may feel like a struggle, we will all be in a place where the data we hold on people is actually useful to us. They want us to contact them with information about our products, services or simply our knowledge, opinions and expertise. Our databases will be meaningful, useful – gold dust.
This new world, where we all know where we stand, should make communication much much better. We as business owners need to work harder at ensuring we are using our databases to the best of our ability. Working harder to use the information we have been granted permission to use to plan better, develop faster and communicate more meaningful content. As consumers, we will be demanding a better service in return for the pearls that are our data.
So, moving on to the operational side of GDPR. As an a business, you should now be mostly organised in terms of what data you are holding hold on your customers and why, along with the appropriate permissions. You should have, or at least be very close to having, a process and system for managing this data. Everyone who is involved in the handling, collection and indeed destruction of data should be fully trained in your processes and systems.
In the midst of all this, have you had the chance to think about the systems which process and hold the data? The kit at the coalface of the information? This will, in many cases be your website and/or accompanying business information systems, and the data will be transactional, opinion based or for the purpose of marketing. But the million-dollar question is, are they secure? Under the GDPR regulation, you must show that you have taken measures in ensuring that the systems you use to store data are secure. Specifically, the regulations states that you must maintain a level of security that is appropriate to the risk.
Focusing on your website, At the most basic level, you should be think through:
Lots to think about in this new world. At first like most change, it will feel painful. However, one thing is for sure, businesses will be driven by meaningful data which can only be a good thing for us all.
We’ve written several articles about GDPR, which you can find on our GDPR Hub.
For full information on GDPR, visit the ICO GDPR guide.