News

Is your company like a rabbit dazzled by the GDPR headlights?

05 December 2017

Is your company like a rabbit dazzled by the GDPR headlights?

Yes - then get specialist help and get it now, says Jenny Parsons, COO ProTech

If your answer is yes, then remember that the General Data Protection Regulation (GDPR) is not a saloon car bearing down on your company, but a very large articulated lorry.

Consider very carefully if to prevent a potentially very expensive and reputation damaging non-compliance collision, you should be seeking specialist help.

There are only 170 days to complete the preparation for GDPR. If the date of 25 May 2018 is not indelibly imprinted in your brain and in those within your organisation responsible for GDPR preparedness, then I can hear the wheels of that 32-ton articulated lorry already starting to skid.

You need specialist help because before writing this article, I conducted some desktop research to help me decide the most pressing GDPR issue to focus on. 

I looked at the latest Information Commissioner’s Office (ICO) blog ‘European guidance published – profiling and breach reporting’ and clicked on the link for profiling and downloaded a 34 page document which I glanced at and was quickly bamboozled.

I clicked on the link for breach reporting and downloaded another document, this time only 30 pages and again, after a quick look at the content, was bamboozled.

As the ICO information was hard to understand, I took a look at some of the articles I had bookmarked as potentially useful GDPR focused material. Alongside the plethora of ‘what you need to do now to get ready for GDPR’ content, these worrying headlines jumped out at me:

Much GDPR prep is a waste of time warns PCW

Most UK small business in the dark over GDPR

GDPR is a Year 2000—style cash cow

There is so much you need to know and so much you need to understand. Then comes the tricky bit, determining how what you have read and (hopefully) understood about GDPR actually impacts on your business processes and what you need to do to achieve compliance.

There is however a bigger question – how can you be sure that the information you have read and ‘understood’ is accurate and has been written by someone who really does understand GDPR and not a ‘GDPR cowboy’?  – see my earlier article.

How do you know whether your organisation is in grave danger of preparing for GDPR based on inaccurate information putting you at risk of doing too much or too little?

Enabling our Not for Profit (NFP) clients (i.e. membership organisations, associations, qualification providers and qualification awarding bodies, etc.) to deploy ProTech’s integrated web and CRM solution to capture and analyse data around their members, is key to their operational success.

It was therefore key that ProTech worked to ensure that its CRM solution would play a crucial role in their journey to achieve GDPR compliance.

Having appointed a member of our senior management to take responsibility for driving the actions and processes necessary to ensure that ProTech as a company would be GDPR compliant and that our CRM and digital solutions would help our clients meet GDPR requirements, it quickly became apparent just what a complex and time-consuming undertaking this was.

ProTech took the decision to seek specialist help. After all it is not going to save your company’s bacon, if your non-compliance results in a run-in with the ICO, to say that you had ‘misunderstood’ one, or worse still, many of the different GDPR obligations. A lack of knowledge will not be seen as an adequate defence!

Having conducted a detailed appraisal of potential GDPR consultancy partners, we selected i-Secured as our GDPR expert, based on its proven track record and excellent customer references.

i-Secured has helped us to fully grasp the GDPR nettle. We have completed an all-important ‘gap analysis’ and are now moving forward with the steps we need to take to ensure ProTech, as a business, achieves compliance.

Additionally, i-Secured has helped us to identify the development needed to make sure that ProTech’s specialist CRM software and its digital platform addresses the relevant GDPR obligations which will help our clients to achieve compliance. These obligations include: data portability, the right to be forgotten (a data subject exercising a right to delete their data) and the pseudonymisation of data (i.e. the removal of personal identifiers to limit the risk to specified personal data but still having the ability to use the data).

It is important to note that IT systems compliance is only one aspect of GDPR. All of your people, processes and technology must be reviewed to ensure that they meet GDPR obligations. 

To prevent a head-on collision with that GDPR articulated lorry talk to a GDPR specialist quickly. You have no time to lose, the really good and reputable specialists will soon be far too busy to take on new clients.

Even better, why not give ProTech a call and learn from our experience of working with i-Secured how to get your GDPR house in order, both from a company and CRM solution perspective. Kill two birds with one stone and sit back and watch that GDPR lorry glide smoothly past your company.

 For further information, contact kim.smith@protech.co.uk


BACK TO INSIGHTS

Sign up to our newsletter and brochure

Continue to learn more about ProTech’s lastest news, insights, software updates and forth coming releases. Sign up for our newsletter and request a brochure.     SIGN UP HERE

Latest News