GDPR aside we have a moral obligation to protect data
With GDPR looming and businesses grappling to understand its complexities ahead of May next year, there is a real opportunity to stop and think about how customer data is handled.
With GDPR looming and businesses grappling to understand its complexities ahead of May next year, there is a real opportunity to stop and think about how customer data is handled. Putting GDPR anxieties aside we have a moral obligation to protect data and GDPR provides a real opportunity for businesses to get this right.
What’s GDPR all about?
- General Data Protection Regulation rules will be applicable by May 25th 2018 to all organisations that operate in the EU market
- The regulations are extra-territorial. Overseas firms doing business in the EU market are subject to it. Even with Brexit, UK organisations will still be affected
- The fines are serious; data breaches can generate fines of €10m or 2% of annual revenue. Wider or consequential breaches of its provisions will generate fines of €20m or 4% of revenue
- Consumers have enhanced rights so they have control over who has their data and where it is stored
- Consent to use data must be freely given, specific, informed and unambiguous for each purpose for which the data is being processed
- The regulation applies (with some nuances) to both the data controller and data processor
- A right to data portability will make it easier for individuals to transmit personal data between service providers.
What does this mean?
In an age where data underpins everything we do this heralds a new era for businesses. GDPR is all about giving control back to consumers and making companies more responsible for their data management, with company directors becoming personally liable for data management processes.
Compliance is one thing. However, if you do this right then GDPR could be the catalyst for very positive outcomes in your business. The organisations that lead the response to this challenge will be seen as innovators, as brands with a social conscience who are protecting their customers.
There has always been a strong business case for better information management, solid information governance and sensible information lifecycle management – but there is a moral obligation to get this right as well.