By now I'm sure you've heard of the impending apocalypse known as GDPR. Or at least that's what some advisors would have you believe. In truth, a lot of it is interpretation. How much you change your business to achieve some semblance of compliance depends entirely on your unique set of circumstances. The important thing is that GDPR is now the elephant in the room and it's vital you acknowlesge its existence.
It really is amazing how unprepared many small business owners are for GDPR. There appears to be a thinking that this will only affect big companies. GDPR will affect almost every business in the country and the clock is counting down rapidly. My piece "GDPR and Your Business" is a comprehensive but not exhaustive guide to GDPR with an infographic on 12 steps to prepare for GDPR.
If you aren't prepared for GDPR, don't panic and don't put it on the long finger either. Here are a few suggestion to get you started:
- Take the lead - GDPR will just be another part of running a business. Take this opportunity to make your business truly customer-centric by putting in place a GDPR compliance framework across your entire organisation.
- Think Consent - GDPR will make your customers more aware of their rights regarding the permissions you have to collect a retain their personal data. This is a good thing; however your customers will likely question you on it. You should look at opt-in versus opt-out . GDPR will also enforce that silence, pre-ticked boxes or inactivity will not constitute consent. What information do you currently hold, who has access to it and how secure is it from a data breach?
- Beat the rush - It's only a few months away but by getting ahead of the last minute rush now, you will greatly reduce the scale of the headache that will be faced by those who have not adequately prepared.
- Customer attitudes are about to change in a big way - GDPR will empower your customers and they will have much greater level of control over the access and retention of their personal data. Like I said, this is a good thing and shouldn't adversely effect your business, if you are GDPR ready. Remember - you are also a customer and will have the right to question the collection and retention of your personal data by other businesses.
GDPR is an opportunity, not a burden
GDPR doesn't have to be the elephant in the room. This is an opportunity for businesses to reach and engage with customers in ways they never have before. Getting ahead of GDPR is a great way for you promote your brand by showing your customers that you take the collection and retention of their personal data seriously. If you are ready for GDPR, you will build trust with your customers and industry peers, however non compliance will likely see you looses trust - and trust - is difficult to earn back. For a full guide to GDPR, please visit the website of the Data Protection Commissioner.
John Grennan IT.ie