Tuesday, 21 November 2017

GDPR – Sink or Swim, from the Sales & Retention Convention Nov '17

At last week’s Sales & Retention Convention, Regina Lally from Databasix delivered a great keynote on GDPR for the health and fitness industry. Feedback shows it was the most popular presentation of the day, justifying the prime position and time dedicated to the subject. 


Here’s a summary of key points… if you would like to see the whole presentation, then please sign up for the Webinar on Tuesday 28 November at 2pm (free to convention delegates, or £25 otherwise).

GDPR is about Accountability, Transparency and individual’s rights. 


Here are 4 myths (that we regularly hear) which are not true:

  • I don’t need to do anything until May 2018
  • Consent is the only way I can process data
  • We won’t be in the EU soon, it won’t apply
  • My database is secure, I’m ready


Regina’s presentation covered People, Data and Processes, bringing focus on each section with examples and answering lots of questions from delegates throughout.

People

You need to decide who will be your Data Protection Officer (if your business meets the criteria, i.e. more than 250 staff), and also check on the attitudes towards data protection within your organisation. Being transparent with the way you use data is key, and training will help your employees understanding of data protection principles and processes.

Data

Regina then covered the differences between personal data, personal sensitive data, and consent under GDPR. The relationship between Data Controller and Data Processor is another key point, with roles and responsibilities from both sides.

Processes

The third section explained Subject Access Requests, the Right to Erasure, and what to do when Data Breaches occur (when, not if!)

Here are Regina's 7 recommendations for action:

  • Involve people
  • Set accountability
  • Map data flows
  • Determine legal basis
  • Implement / Update processes
  • Be transparent
  • Engage people

One final tip to help you start your preparation today for 25th May 2018… book the GGFit / Databasix webinar next Tuesday 28th November here.



1 comment:

Pietersen Kevin said...
This comment has been removed by a blog administrator.