In less than a year’s time, the new General Data Protection Regulation (GDPR) legislation will be enforced and business owners will need to comply or face penalties. We asked events marketer Hellen Beveridge what this enforcement will mean for the future of collecting, storing and using data and why attending her Business Breakfast event on 17 August will be beneficial for those seeking extra clarification.
Hellen, why is it important for business owners to attend the business breakfast?
GDPR is a complex piece of legislation, that will ultimately affect how businesses operate, so the business breakfast will aim to give key advice that will enable business owners to work out exactly what they need to do and also to be able to measure investment in new processes, people and/or technology in an informed manner.
What are the clear differences between the DPA and GDPR?
The key areas of difference and areas that I will discuss are;
- breach notification
- the right to be forgotten
- disclosure and security
Do you feel the information given on the ICO website is clear enough?
Patrick Grillo from Fortinet puts it very succinctly: “I would strongly recommend that you get an outside expert, someone who is living and breathing it [GDPR] on a daily basis, and who has a vested interest in helping you succeed.”
The information provided on the ICO is good but it applies to all and therefore doesn’t recognise the nuances of a particular industry or how it will affect the business individually. The regulation still has some areas for clarification and will continue to evolve as new technology emerges, so you will need a team that is immersed in the legislation to work on how it will affect you. Changes to ePrivacy regulations will also be coming into effect, so that is another area to look forward to.
Are the 12 steps that the ICO have highlighted enough to help business owners transition smoothly?
The 12 steps make it look easy, but it won’t be – each of those steps could take you hundreds of man-hours to complete and they don’t reflect the complete changes in culture that you might have to embrace.
Do you feel that most business owners are aware of what changes, if any, they need to make in order to avoid the proposed penalties?
There is still a big chasm in terms of knowledge. Many businesses are aware that change is coming but they haven’t appreciated that they are expected to have made that change, in its entirety by 25 May next year.
Many companies haven’t even considered that GDPR is a focus on their data infrastructure and although most consider consent as being the main consideration, it is actually the issue of security that is paramount.
Smaller businesses are typically more lax about security, as they believe their size wouldn’t attract the attention of hackers. However, recent research has shown that this is exactly what they are looking for and so simply trying to create a system where you don’t get caught, won’t be enough to be compliant.
Do you feel that the new regulations will limit and discourage business owners, or open up new possibilities to enhance customer relationships?
Anyone who can’t embrace this change is going to find themselves quickly outpaced. This is a great opportunity to make real change to how you communicate with clients, customers, delegates and visitors and will bring real honesty that customers will value.
If we get used to talking to smaller groups of people to build communities with engaging dialogue, instead of using default blanket email marketing campaigns, then perhaps we can tailor our marketing messages to better suit the needs of our customers, and ultimately create better events.
What do you hope delegates will learn from the business breakfast?
The new legislation may be complicated, but it is not the enemy!
A clear understanding of GDPR will put the power back into the hands of the data subject and organisation, to create a level of data discipline in organisations that represents more of an opportunity than a threat.
Hellen will be key speaker at the mia business breakfast event, taking place at Bush House, King’s Venues, London, on Thursday 17 August from 8.30-10am.
Tickets are £25 for mia members and £45 for non-members, and can be booked in advance from www.mia-uk.org/event/gdpr-legislation-business-breakfast/ or by contacting Shauna Murray on 0345 230 5508.