The juggernaut that is the GDPR is heading your way – not even Brexit can stop it – and your organisation needs to be ready. Paul Snell highlights eight things you can do straight away to make sure you don’t get caught in the headlights.
As much as you might like to close your eyes, put your fingers in your ears and pretend it’s not happening, it’s only a matter of months until the GDPR comes into force across Europe.
This new data protection law will significantly affect the way B2B marketers collect and process personal data, and imposes some seriously significant fines for non-compliance – up to €20 million or 4% of annual global turnover, whichever is larger. It introduces new and strengthened rights for individuals with regard to their data, imposes tougher obligations on firms in terms of data security and privacy, and creates a higher standard of consent for using personal data. But alarmingly, with less than a year to go in May, just a third of marketing and advertising business had even heard of it.
Our essential free download, Getting to grips with the GDPR: A B2B marketer’s guide, aims to provide a comprehensive overview of the regulation, its implications, and practical steps that can be taken to prepare. In the meantime, here are eight things you can do straight away to get on the path to compliance.
Eight practical steps to begin GDPR compliance:
1. Carry out an information audit
Look at how your organisation collects and uses information. Where is data collected and stored? Who’s able to access this data? What security measures do you currently have in place?
2. Raise awareness within your organisation
Most employees will have some connection to personal data the organisation holds and processes. Ensure they understand changes are coming, and the potential impact this could have on the business – and the potential penalties. Make sure senior management is engaged in the process, and establish cross-functional teams to tackle the challenges.
3. Review your privacy policies and statements
Look at what you currently tell users about how you use their data, and assess how far this goes to complying with the GDPR.
Find out more here.