Everyone is talking about GDPR
PUBLISHED: 14:58 31 October 2017
The question that we keep hearing from businesses is will GDPR affect me and do I need to do anything?
Everyone is talking about GDPR, the General Data Protection Regulation that will be taking effect on May 25 2018. This regulation is intended to strengthen and unify data protection for all residents within the European Union. So, while as a consumer this law gives you peace of mind, as a business owner GDPR can create a near state of panic and confusion.
Does GDPR affect me?
The question that we keep hearing from businesses is: “Will GDPR affect me and do I need to do anything?” The short answers are yes and yes since GDPR will be enforced across all businesses irrespective of size – from sole traders to multinationals.
Many of the major software providers, such as Amazon Web Services and Microsoft, are spending serious money on developing services to become GDPR compliant. However, for the rest of us - who 90% of the time use software made by other companies - this doesn’t help.
Unfortunately, however, time is of the essence and - with potential fines of up to 4% of turnover or €20m and test cases not yet fought - businesses cannot afford to wait around to see what action might take place.
We would recommend that you understand what your software providers are doing or what they are planning so that you can factor this into your data protection plan. From what we have seen, there are currently only a couple of businesses out there who are making changes to their software products tackling GDPR head-on.
What action do I need to take now?
There are a number of things that all businesses need to do ahead of May 2018. By May 25 2018, as one example, you will need to have made sure that you have contacted all individuals you currently hold contact details for and asked them to provide explicit consent on the data that you hold on them, the way you use this data and therefore how they can be contacted. You then need to be able to make sure that you can show how and when this consent took place.
To start your journey to compliance we would recommend 5 key actions, namely:
1. Have a look at the ICO’s 12 step document which outlines practical steps to achieving compliant data here.
2. Attend some of the GDPR webinars that are currently being run across different industries.
3. Take time to understand your current business processes. You especially need to document details such as:
• Where you store your existing customer contact details
• How you store this information and how the data is currently used
• The methods by which you communicate information to your customers such as email platforms and telesales campaigns
• How you will deal with customer requests for details on the data that you hold on them and how you will manage requests to amend this data or contact permissions
4. Make sure that everyone in your company knows what GDPR is, how it might affect them in their day to day roles and what plans they need to have in place to deal with these changes
5. As mentioned earlier, reach out to your software providers - where this software handles customer data - and find out what plans they have in place or have already implemented in order to help with GDPR compliance. You can then identify and fill gaps in your data protection plan.
At Salpo CRM we are committed to helping our customers get ahead of the compliance curve and our platform comes with a GDPR compliance toolset built in. This toolset provides the bedrock to underpin successful sales and relationship development using our market leading CRM toolset, for companies of any sizes from 1 user to 1000+. For more information or to arrange a demo just visit the Salpo website or email firstname.lastname@example.org.