GDPR, the four dreaded letters that are ruining lives up and down the country.
And why is it such a life ruiner? Cause it’s a massive ball ache that’s why!
The development of the internet over the past 20 years has totally flipped the way we communicate on its head, and as the current Data Protection Act hasn’t been updated since 1998, pre-smart phones and social media, these new regulations have been a long time coming.
With D Day, or rather G-Day, a matter of weeks away (May 25), this week the Publicity Seekers team and I have dedicated our lives to getting our heads around this absolute minefield and continued finalising new processes and policies, both for ourselves and our clients.
I’m pleased to say that we’ve got all our affairs in order and are ready to welcome GDPR with open arms, but it’s still pretty worrying to hear SME’s say ‘we’ve still got ages to sort stuff out’ or ‘I don’t think it’s going to impact us much’.
SME’s are just as much in the firing line when it comes to GDPR as UK brand giants. If anything, the repercussions of a data breach will be even more disastrous.
So what’s the impact of GDPR from a PR perspective?
Well, apart from the truly horrific fines that businesses are at risk of receiving, SME’s out there, good luck coming up trumps with a cool £17m, on top of this, if you’re company is being inspected or suffers a data breach, it’s not going to do anything for your reputation.
After the 25th May we’ll be entering a new data era, where people will have much greater expectations on how their personal information is managed and much greater rights to ask for that information to be edited or deleted all together.
And it’s not just customers or clients we’re talking about here. Its employees, suppliers, partners, any company stakeholders basically. That’s a lot of people’s information to consider.
So what have I taken away from our week of GDPR?
Well the main thing I’ve taken away is that there’s a hell of a lot to take in. It’s safe to say that by 5pm on Tuesday afternoon, my brain probably resembled a pile of scrambled egg.
What is important to remember is that GDPR isn’t and should never be seen as a tick box exercise.
In order to be compliant with the new regulations there needs to be a major shift in process and most importantly attitude of everyone within a business.
If this means running training courses to get everyone up to speed, DO IT!
If this means running regular fresher courses in the next few months, DO IT!
If it means getting a professional in to audit your systems and set you an action plan, DO IT!
Yes, preparation is time consuming and an expense to your business, but I’m sure you’d much rather this smaller expense now, than face an unpayable fine later down the line.