General Data Protection Regulation (GDPR): What Does It Mean?

Data Protection is something most adults are aware of as we go about our daily lives, but in May 2018 it is all going up a gear, and all business owners will have to keep up to date with stringent changes.

Many freelancers, as well as representatives for businesses of all sizes, amass a huge number of business cards from the networking circuit and during their general interactions over the course of a week. These business cards contain valuable contact information. Some networkers will actually harness this information and add it to a CRM; other cards may languish untouched forever more until they find their way into the bin. The objective for many will be to establish a planned follow-up regime with regular, (hopefully) well-written emails and ultimately a phone call or two before a formal meeting to hopefully finalise the sale. Then there are the contact details that you might purchase from a data supplier – dangerous territory at the best of times in my opinion, but now it is becoming more and more critical to get your data handling right.

In 2017 an opt-in email confirming permission for being on a list is fine, but the advent of GDPR in May 2018 means the dramatic changes in the Data Protection laws demand that every one of us takes steps to review the way we handle and store data. For some businesses this will be no small task, so it is important to start as early as possible to ensure the marketing data you have worked so hard to build is still legally usable.

These changes are devised to ensure that some sales operators clean up their act, i.e. the sharp practice of automatic opt-ins for visitors to sales funnel web pages, with the onus on the consumer to opt out, is likely to fall under these changes. In my opinion this affords great protection for the unsuspecting consumer. However, there are pitfalls for the business owner which could cost them up to £4 million in fines for non-compliance.

To avoid falling foul of these new rules, business owners may wish to consider in the first instance:

1. Reviewing their systems and how secure the service providers really are.

2. Whether their business requires appropriate insurance to cover them for online activity and security of data in their care.

3. How their data is stored and secured and whether it is good enough for GDPR.

4. Whether a Data Compliance Officer is needed for their business.

5. Keeping up with the news around this subject via the Information Commissioner’s Office website, i.e. https://ico.org.uk/for-organisations/resources-and-support/data-protection-self-assessment/getting-ready-for-the-gdpr/

In short, cyber security and complying with data protection are things we are all going to have to know a great deal more about, no matter what level we occupy in the various hierarchies. It is a big responsibility taking other people’s data in your hands, and ignorance is unlikely to be much of a defence!

Please check back in for more information about GDPR as I will share again on this topic as my knowledge and understanding grows. Alternatively, you can always check out the official site yourself.
