A hot topic for clients in one of our specialist areas, Professional Services, is the new General Data Protection Regulation (GDPR).
Although GDPR will impact most businesses, not just those offering Professional Services, Charlotte Joyce who leads this specialist area at CRM provides an overview:
An introduction to GDPR
Europe’s data protection rules are set to undergo their biggest changes in twenty years. Over the last two decades the amount of digital information and data we create, collect and store has dramatically increased. In simple terms, the existing practice was outdated and no longer fit for purpose.
The response and solution is the new European General Data Protection Regulation (GDPR) which takes effect on May 25th 2018. The regulation will alter the way businesses and public sector organisations can handle any customer information.
What is GDPR?
GDPR is a new European framework for data protection laws replacing the 1995 data protection directive.
Put simply, GDPR provides new and extended rights for people to access their own personal information companies hold about them, additional obligations are set out to ensure better data management for businesses, and a new set of fines.
What’s the purpose of it?
To put the power back in the hands of the public over how their data is amassed, handled and used.
Under GDPR, individuals have “the right to be forgotten” – the ability to request the businesses delete their personal data which is inaccurate or no longer necessary.
How will it affect individuals?
In addition to the “right to be forgotten”, the new directive offers consumers greater control over their data and will assist in helping individuals to transfer their personal data from one service provider to another – making it easier and simpler to swap broadband, gas, electric or water suppliers.
How it will affect your businesses?
Ultimately, the new data protection laws could mean large fines for businesses who fail to be compliant.
Giving back control to individuals is no simple matter. Businesses need to work out how to give it back and how to ensure it is stored, protected and deleted securely to counter any potential data breach.
What your business should to be aware of
The Information Commissioner’s 12 point guidelines have been released and are available here.