Information experts Tailored Data Solutions are urgently reminding marketing agencies of an impending deadline for making theirs and their clients’ stored data compliant with a new law.
The incoming General Data Protection Regulation GDRP has a deadline of 25 May 2018 for all companies to get their systems up to scratch. This will mean both their storage and use of all information they keep about their customers will have to meet the new standards.
The company is particularly well-placed to understand the issues as Mike Lenard, the firm’s managing director, is himself a certified member of the Chartered Institute of Marketing (CIM). This requires significant understanding of the issues and challenges of the marketing industry.
Lenard explained, “The reason for the new rules is to protect consumers and try and bring together data protection across all European countries. The UK Government has to respond to this direction with national rules and legislation. This is why companies now need to pay attention. We can support marketing agencies to enable their own clients to become GDPR compliant.”
The GDPR is a regulation passed down by the European Union institutions, and has passed through the European Parliament, the Council of the European Union and the European Commission.
Lenard added, “It is great to be part of CIM. It means that we can develop a really good view on the help professional marketers actually need. We’re well-prepared to collaborate and be part of this – after all, it’s hugely important to educate businesses and highlight the implications.”
Under the new rules a firm can be fined up to €20 million, or 4% of global turnover, whichever is higher, if it is found to be non-compliant. This can also be applied for not letting the regulator, or the person whose records are being held, know about a breach. Not conducting impact assessments will also possibly incur penalties.
The GDPR breach notification proviso means businesses need to do more than just let the regulator know if there’s a problem. The relevant people in a company will need to report the type of data involved, the records affected and how many people’s data is involved.
They’ll also need to share some knowledge about what the cyber-criminal or employees did to cause the breach.
The rules mean the authorities can:
• Issue warnings about bad practice
• Look at company records to complete audits
• Give businesses deadlines for making urgent changes to their systems
• Demand businesses remove information from their records
• Issue restrictions about moving data to other countries
• Apply these powers to data controllers and processors
To help organisations cope with this change, Tailored Data Solutions is offering GDPR Consultancy. For a small fee, the company can visit and offer a set of recommendations created to make any organisation GDPR compliant.Go back