GDPR and your business
LAST month two significant things happened. The UK Government met to discuss the progress of the Data Protection Bill through the house and when consumers and businesses can expect it to come into law.
Secondly, the Financial Conduct Authority (FCA) and the Information Commissioners Office (ICO) published an update on the EU General Data Protection Regulation (GDPR). The Data Protection Bill, which was first announced in June last year, is designed to implement the government's manifesto commitments to modernising data protection laws.
Culture Secretary, Karen Bradley summed up what the bill will mean to businesses, when she stated: "The Data Protection Bill will give people more control over their data, support businesses in their use of data, and prepare Britain for Brexit. In the digital world strong cyber security and data protection go hand in hand. This Bill is a key component of our work to secure personal information online.”
Speaking with my colleague, James Delves, head of PR and political affairs at CIM regarding the current situation, it's clear that the Data Protection Bill is on track and will be in power sooner rather than later. In fact, CIM expects the bill to be introduced after the government recess, which ended at the end of February.
:: GDPR less than 100 days
In addition, the FCA and the ICO published an update on GDPR. The update addresses issues such as new FCA's rulings, which require financial services firms to process personal data and the possible affect that this has with complying with GDPR.”
The joint statement says: “We believe the GDPR does not impose requirements which are incompatible with the rules in the FCA Handbook. Indeed, there are a number of requirements that are common to the GDPR and the financial regulatory regime detailed in the Handbook. The requirement to treat customers fairly is also central to both data protection law and the current financial services regulatory framework.”
The FCA, ICO and CIM all agree that GDPR compliance is a board level responsibility. Organisations must embrace the new law and regulatory framework and be able to produce evidence to demonstrate they have taken steps to treat customers fairly. Both the FCA and ICO also pointed out that they recognise there will be ongoing discussions to ensure how GDPR can be implemented consistently within the wider regulatory landscape.
:: Why GDPR is a business advantage
At CIM, we feel that handling consumer data correctly is a business-critical issue. Done poorly, and from May 25, it could result in big fines potentially up to €20 million or 4 per cent of a business' global annual turnover.
But if data is handled correctly, it can provide a real business advantage, allowing marketers to reach the right audience, in the right way, at the right time. After all, understanding customers and meeting their needs is fundamental to everything we do as marketers.
CIM Ireland has been running data protection seminars since 2016 and (today) March 6, CIM will revisit these issues again in conjunction with legal expertise from Cleaver Fulton Rankin. Alongside this, we have developed an online marketing and GDPR course, ensuring that marketers can handle data correctly and create business advantage.
:: Carol Magill is CIM network manager for Ireland