You are going to hear a lot about GDPR – the General Data Protection Regulations that come into effect in May 2018.
No business is too small to be fined for Data Protection breaches and you need to get ready for this
Data is cash in your house – GDPR secures it
Think of the way you currently handle your client data as cash left in your house. It’s their money but they let you keep it for them.
Inside your house is a safe where you put the high-value items.
You don’t leave your doors and windows open with cash on the kitchen table.
When you are on holiday or away from your house you take care that your safe is locked and the burglar alarms are on. You don’t just pack up everything in the house and take it on holiday with you in case it comes in handy. GDPR is going to affect how you move data outside the EU.
You move cash and documents around inside your house and you assume it is OK with your customer if you move their stuff from one room to another. You assume that as long as it stays in your house that’s fine.
But now the kids come back from University and your house is full of people. You put the cash and confidential information away. You put it in one place in the house. You make it difficult for your kids’ friends to get in there when they are having a party.
You take on a cleaner. If your secure place needs cleaning you make sure the cleaner is someone you can trust. Don’t leave cash on the table
Growing and moving on
Your growing business has more cash and more data than ever before. It is getting a bit much for you to do it all – even with the friendly cleaner and the occasional help from the kids’ student friends. You decide to send some of your work out so people can help you.
Would you put the cash in an envelope, stick a stamp on it and send it through the ordinary post so the people you pay can use that money to make more money for you?
You’re still in business, so I am guessing the answer is no. But when it comes to outsourcing we do the equivalent with our clients’ data without giving it a moment’s thought. GDPR covers how you move data from place to place
GDPR means you need to rebuild
GDPR is a whole new way of looking at what permissions you need and when to do what. You are not going to be able to say – they came to my house so, of course, I had permission to take all their cash.
Using implied permission (they must have wanted me to do that) is going to be replaced by informed permission and for specific reasons.
Many well-established marketing techniques are going to need an overhaul.
What are you doing to get ready for GDPR?
If you work with freelancers and outsourced teams you are going to have to work with this on several levels:
- Handling your own client/staff data
- Making sure your outsourced team are complying
- Considering you handle data from 3rd parties who are not the ‘data subject’
Will you wait till the last minute or start work on this now?
Do you want to get ready for GDPR?
If you want to be part of the work we are doing to get ready for GDPR, join today and get everything your business needs
Check out our low-cost GDPR support groups: GDPR for micro budgets