Reviewed by Stuart Pringle
Earlier this week team PracticeWEB headed over to the Heron tower in London to put on a special breakfast event for accountants.
The hot topic of discussion; GDPR.
The format was fairly straight forward, good food, good company and a straight talking speaker. Doors opened at 08.30am, 40 floors up in the Sushi Samba restaurant.
The room quickly filled up and we had a full compliment of 30 guests around the table.
We asked Paul Laughlin to join us to deliver a keynote over bacon rolls and poached eggs. Paul is an independent customer insight expert who I’ve worked with on previous projects and really knows his onions when it comes to all things customer data. Learn a bit more about Paul here.
Paul proceeded to deliver an ambitious 40 minute tour-de-force of everything you need to know ahead of the incoming regulations next May.
His talk 10 main talking points:
- Personal Data and Data subject & Pseudonymisation
- Consent & Legitimate interests
- Right to object to Profiling, Right to object to Marketing
- Right to be forgotten
- Right to data portability
- Subject Access Requests
- Privacy by Design & Data Protection Impact Assessments
- Data Protection Impact Assessments & Data Protection Officer
- 3rd Parties & Contracts & Data Processor liability
- Data Breaches
And just when we thought it was all getting a bit too much he then offered us some very useful tips on how to approach the subject in our own businesses – all delivered in his very calming tones!
Paul talked us through a 4 step process
- Audit your data & processes (including 3rd parties & contracts)
- Identify and prioritise likely gaps (produce high-level plan)
- Change projects to include DPIAs & Privacy by Design (from now)
- Educate your whole business
The over-riding message from the morning was do not panic! There is a lot of scaremongering about this topic across the media right now. It is clear from both Paul’s wise words and ICO blogs in the topic that the best thing we can all do right now is take a look at our data, consider how we are using it & storing it, and take action to make sure that our processes, motivations and goals are what constitutes reasonable businesses as usual activity.
This event was a fully booked, we may well do another in the New Year. If you’d like to be on the invite list please get in touch.