The GDPR is the successor to the Data Protection Act in the UK. There is a lot of worry and panic about the changes it brings.
If you’re in the Northwest of England, I recommend attending a talk by Baines Wilson on the practicalities of the GDPR. It could be the best 2 hours and £25 that you spend for a long time (but I’ll forgive you if you can drink 8 pints in 2 hours).
Cumbersome as the changes are for some businesses, they make a lot of sense from a technical point of view. They’ll help to stop sensitive personal data “floating around”, email addresses being “subscribed” to email marketing lists and data sharing and aggregation between apps and websites.
The key point for business software is governance. Governance has always been a part of big business. Now it needs to be a part of every business.
The Data Protection Act required that businesses only retain sensitive data that they need. The GDPR goes further by requiring businesses to have a demonstrable process to remove sensitive data they don’t need.
The difference might seem subtle but if you store customer records in a CRM, does your CRM let you set up a “rule” to remove unneeded data automatically?
If not, how laborious would it be to log on every month and remove stale data?
Divide, then Conquer
You need to identify each system that stores sensitive personal data. For each system, identify the risks of a data leak and what you can do to mitigate them.
The easiest step you can take to mitigate risk is to remove data that you don’t need. If your systems make it easy to identify data you don’t need and delete it, great. If not, you may need to consider new software.
You should also identify the safeguards in place in each system. Who built the system and what is their track record like? Where is your data located? Do you have full control over it? Do the systems have appropriate protection against attacks?
Some systems you use might not be adequate. If so, now is the time to devise a plan of action.
Are your systems generally good but lacking in some areas?
Consider a bespoke integration to add additional governance to your existing system.
Do your systems need to be replaced completely?
We might be able to create software to help migrate your data to a new system.
Should you consider a bespoke software package?
If off the shelf packages are expensive or limiting, now might be the ideal time to consider moving to bespoke software. Bespoke software gives you more control, more oversight and generally lower ongoing costs.