Has your inbox been flooded with updated privacy policies and data processing terms in the past few months? The reason is a new legislation in Europe, called GDPR, which makes it harder for businesses to keep personal data, as well as governing how businesses can collect and use information.
GDPR stands for General Data Protection Regulation, and from May 25 it provides enhanced data protection rights to EU citizens. In the future, the legislation is predicted to move beyond Europe, particularly in light of recent cases where established analytics companies have been accused of obtaining and using people’s data without their consent.
As people become more wary of how their data is being stored and used, we expect that more stringent laws such as GDPR will come into play elsewhere in the world.
If you are a business and have a website, mailing list, shop or any kind of facility for collecting and/or processing data (which is virtually every business), you should be aware of GDPR and what you should do to be compliant.
- Consult a lawyer or legal firm’s advice if you are in the data collection or processing business.
- Apply logic to the new policies. With every decision, think about the risk to you/your business and whether you need full overhauls of privacy policies or just tweaks. Most countries already have data protection laws, so if your business complies with existing laws, the GDPR update is simply a further tightening of what’s already in place.
- Don’t panic. These new laws are good for all of us! The new legislation gives the power of information back to the people that should have it: you!
- Making large organisations compliant presents the biggest challenge, where there is a lot of information stored in numerous places and managed by many groups. If this is you, consider how your business can maintain stringent data policies. What tweaks need to be made to your existing technology? What training will your teams need and what permissions will need altering for consumers? You’ll also need to look into what governance tools you can use to catch instances of PII (public identifiable information) leakage, as well as maintaining data quality and accuracy.
- Take a look at Sparkline’s Web and Mobile analytics auditor to help enhance the quality of your data and limit PII leakage in scalable ways.
Disclaimer: Sparkline are data people, not legal people. We recommend that you seek proper legal advice for any business decisions, just as we did!