A deluge of privacy policies and subscribe requests heralded the arrival of the new General Data Protection Regulation (GDPR) at the end of May. From a user perspective, it’s a positive step. For businesses, it’s an opportunity to review and update interactions with customers, ensuring compliance and optimum efficiency. This is where technology has a vital role.
Protection of personal data is now a crucial part of every data-processing system. What was previously an ‘add-on’ or addition within business systems must now feature at the core of technology within organisations.
There are three technology-based goals that GDPR aims to achieve:
1. Organisations to take ‘appropriate technical and organisational measures’ to protect data
The Information Commissioner’s Office is clear that when developing these measures, organisations must pay attention to the ‘nature, scope, context and purposes of processing’ involved. “We recommend that you carry out a risk assessment to understand the full impact your technology can have upon individuals’ rights,” says Eric Hughes of EMH Technology. “Many business owners have carefully thought through their marketing strategy and operational processes. Technology plays a vital role and has often been overlooked.”
2. Individuals’ rights to be protected by the technological environment
GDPR is very clear about the rights of individuals. To enable your organisation to meet this obligation, your technology should offer the following functionality:
3. A proper approach to technology design and deployment
These system design requirements help data protection to flow into technology:
Organisations controlling personal data need to implement appropriate technical and organisational measures to demonstrate that they are GDPR-compliant. “Technology has always had an essential role in data protection,” says Eric Hughes. “The new regulation is formalising best practice rather than introducing revolutionary measures.”
GDPR isn’t going away and customers are more aware of their rights regarding their data than ever before. EMH Technology works with clients to establish a web portal for GDPR management. This provides a central place to document and manage your GDPR obligations, including:
Please contact us if you would like to find out more about a web portal for GDPR management.
Or to discuss how your technology supports your data protection requirements, contact us for an initial discussion without obligation.