Article

J Cromack
J Cromack 5 December 2017
Categories B2B, Content, Customer Experience, Data & Analytics, Technology

GDPR: the ultimate checklist

There are now mere months until the General Data Protection Regulation (GDPR) becomes enforceable. It is set to have an unprecedented impact on organisations from every industry if they hold the personal data of EU citizens on their databases, and has the scope to turn marketing as we know it on its head.

Even at this late stage there is still a great deal of uncertainty and much confusion from organisations about GDPR and what they need to do to become compliant. Although many view it as a huge task and a necessary evil, in reality, it offers a clear avenue for organisations to add meaning, value and power to data.

By going beyond data compliance, savvy organisations can build better relationships with their customers by rebalancing trust, giving them control of and helping individuals realise the value of their data.

Of course, the first step in this journey to lead the way in the new consumer democracy is to ensure everything is in order for GDPR compliance. This is precisely why we have put together the ultimate GDPR checklist.

Using the acronym – OPT-IN, it sets out the activities businesses will need to consider – and act on – by the enforcement date of 25th May 2018.

Organisation

  • My board understands and supports GDPR
  • We have checked we use plain English
  • We have assessed and updated our privacy policy
  • We have a data protection officer
  • We know which departments will be impacted
  • We have assessed the level of corporate risk
  • We understand how we communicate with our customers
  • We have checked whether we are regulated by other legislation e.g. PECR or MiFiD II
  • We can be fully accountable

Processes and systems

  • We know the source of all data
  • We know what data we are holding
  • We are transparent about the use and sharing of data
  • We can clearly demonstrate that we have permission to use this data
  • We have processes in place to delete data
  • We have systems in place to manage a data breach
  • We can comply with an individual’s right to portability

Technology

  • We can provide details of all data electronically
  • All data is securely stored and safely encrypted
  • We can fulfil the ‘right to be forgotten’
  • All new technology has privacy by design built-in

Information and rights of access

  • We have updated all our permission statements and they are ready for GDPR
  • Individuals can easily find out what information we hold on them
  • We can verify individual’s ages and identify children for specific consent
  • We have developed template responses
  • We know what additional information needs to be collected to adhere to GDPR

Next steps

  • We have tested an individual’s experience when requesting consent
  • Individual’s can access their own data and update their preferences
  • We can put it right if we get it wrong
  • We can restrict profiling
  • All departments are fully aware of policies, procedures and the new GDPR regulations

Data has the potential to revolutionise every facet of business, so much so that it has been dubbed the ‘fourth industrial revolution’. However, it is important to remember that behind each piece of data is an individual.

At its heart, GDPR is all about making sure that individuals have ultimate control over their data and can be confident that it will be used in a way that is going to make their lives easier – something that should be music to everyone’s ears.

We strongly urge organisations to embrace the opportunities that GDPR offers and use it as a chance to reimagine their approach to both data and customer relationships for the better. 

1

Comments
Parvej uddin Molla
Parvej uddin Molla

Thanks for sharing new idea.

Please login or register to add a comment.

Author Profile

J Cromack
J Cromack Chief Commercial Officer MyLife Digital

J Cromack, Co-Founder of MyLife Digital, and CCO of MyLife Digital Group. The MyLife Digital Group is made up of Wood for Trees a data and analytics business focused on the charity sector, Insight, a sports performance analysis business working with National Governing Bodies and Elite Sports Teams and MyLife Digital that has developed the Consentric Platform. Consentric consists of three solutions - Permissions which enables organisations to rebalance control of the personal data they hold on a citizen - with the citizen, an essential component to comply with the GDPR. Engage an app and online solution to collect and gain insights from live consented data, and Value Index a machine learning solution to explore patterns in consented data to aid decision making. J is an advocate of delivering ‘informed insight from informed consent’ and a champion of the opportunities emerging from GDPR. J has been in demand as a speaker on the subject for both charity and commercial events. He has a wealth in the commercial and not for profit sector and management experience gained from various leadership roles. As a business owner, he has sought to transform the marketing services sector and his entrepreneurial spirit remains at the heart of his approach. His rich understanding of Big Data, Analytics and Data Protection enables him to provide innovative solutions to marketing challenges and support the transformation of organisational performance. He is a Bath Rugby fan and keen sportsman, often taking part in Tough Mudders or cycling events. In 2015 he co-founded Revolve24, a global series of 24-hour cycle endurance challenges.

See more about this author

Skills

This user has not entered their Skills

Previous Experience

This user has not entered their Previous Experience

Education & Qualifications

This user has not entered their Education & Qualifications

Contribute Now!

Loving our articles? Do you have an insightful post that you want to shout about? Well, you've come to the right place! We are always looking for fresh Doughnuts to be a part of our community.

Popular Articles

See all
Digital Marketing Vs. Traditional Marketing: Which One Is Better?

Digital Marketing Vs. Traditional Marketing: Which One Is Better?

What's the difference between digital marketing and traditional marketing, and why does it matter? The answers may surprise you.

Julie Cave
Julie Cave 14 July 2016
Read more
Top 10 B2B Platforms to Help your Business Grow Worldwide

Top 10 B2B Platforms to Help your Business Grow Worldwide

Although the trend of a Business to Business portal is not new but the evolution of technology has indeed changed the way they function. Additional digital trading features and branding has taken the place of...

Salman Sharif
Salman Sharif 7 July 2017
Read more
7 reasons why social media marketing is important for your business

7 reasons why social media marketing is important for your business

Social media is quickly becoming one of the most important aspects of digital marketing, which provides incredible benefits that help reach millions of customers worldwide. And if you are not applying this profitable...

Sharron Nelson
Sharron Nelson 6 February 2018
Read more
Collection Of The Best Email Testing Tools Online

Collection Of The Best Email Testing Tools Online

Don’t be afraid of email testing. There are many free or freemium tools online that can help you with testing your SPAM score, deliverability and even the rendering of your email. We feature 30 email testing tools in...

Roland Pokornyik
Roland Pokornyik 31 October 2016
Read more
GDPR: A Summary of What you Need to Know

GDPR: A Summary of What you Need to Know

GDPR is a seemingly complex subject that is confusing many managers and business owners. Here we simplify the jargon and give you some ideas of where to start.

Will Kennard
Will Kennard 21 November 2017
Read more