[Poll Of The Week]: Changes To The Data Protection Act in 2018 - How Ready Are You?

With the news hitting recently that the Data Protection Act is set for big change come next year, turning into the newly named General Data Protection Regulation (GDPR) - it’s going to mean all UK SMEs and event planners need to make sure we’re fully complying with the new system.

Link about it below:

http://www.telegraph.co.uk/connect/small-business/business-networks/bt/data-protection-laws-changing/

I’ve so far tried to look up a general overview of what we’re meant to do in regards to storing people’s data (i.e. our mailing lists), but I’m yet to get my head anywhere NEAR understanding it all!

Has anyone so far found a nice easy step by step tool that tells you exactly what we need to do to make sure we’ll fully comply with the new regulations? There’s lots of chatter around asking ‘are you ready’ and encouraging businesses to start the ball rolling as early as possible re. becoming compliant - but I think it needs to be clearer exactly what, practically, we need to do.

Anyone else in the same boat?

Hi,

I found this blog which has a downloadable e-book which I thought was quite helpful.

That’s brilliant, many thanks @CrystalE - Have downloaded the eBook and will set some time to have a good look through it.

I’ve been in touch with Mailchimp recently to ask if they’ve got any plans to issue its users with guidelines of what we need to do re. GDPR compliance; in regards to actual practical advice on setting up new lists etc, including any automated tools of theirs that might make things easier.

They said they’re working with the people at GDPR direct at the moment to try and make sense of it all, and will be hopefully letting people know more info in due course.

This whole GDPR thing seems such a shambles to me; it’s nowhere near enough time for small businesses to be able to dedicate appropriate time to get their stuff in order. Let alone people like us who run free networking events, in our spare time - which makes this all the more galling!

If I get any info from them (as they said they would be adding me to a list of people to send stuff through to) I’ll let you all know, for all you fellow Mailchimp users.

Thanks Richard. For the unitiated, what are the main changes that will come into effect with GDPR?

It’s a minefield I’m still trying to get my head around (as is Mailchimp) @nick_lawson - however thanks to @CrystalE 's link above it definitely helps to work out what we need to do.

Essentially, (seemingly) we all have to start our lists again, from scratch; as we need to be able to prove, categorically, that the people on the list have actively requested to be on the list via double opt-in signup forms etc, so we could generate a report that all these people are legally on our list.

I’m hoping Mailchimp can help us with some of this via automation etc in some way, but it looks like for now we’re going to have to manually start a whole new list and start inviting people to sign up to that one instead, in the hope we’ll get all people on our current list to do so before May next year!

I started researching this for an article and I’ve got to say, I had no idea how much of an impact GDPR is going to have on event organisers. I wonder how many people here do? Here’s what I found out: https://www.eventbrite.co.uk/blog/data-protection-for-event-organisers-ds00/

Handy link, thanks for that.
Yeah it’s an absolute minefield, it really is. The Brummies Networking team and I essentially came to the conclusion that the best way (safest way) for us to proceed is to essentially start our database again.

We’re currently planning a series of emails to send out to everyone, to give them the link to re-register themselves; and in return, for the hassle of having to do so, we’ll be sending by way of auto-responder once the signup process has finished, a free eBook on the Brummies Guide To Networking, which I have to say we’re quite proud of.

So at least offering something for free should encourage people to be proactive about it and sign up again there and then. (It’ll require a few reminders for the laggers, but that’s to be expected).

Starting again from scratch seems to be the most foolproof way unfortunately!

I think you’re right here - what an enormous effort this is going to cause people… not to get political but is this really outweighed by the benefit this legislation will bring to consumers?

FYI we are now hosting an online event on this subject for people who are interested:
http://www.eventtribe.com/t/online-event-the-impact-of-gdpr-on-marketing-event-professionals-22-nov/3117/1

Add to that I really don’t think this timeframe we’re all having to work to is remotely acceptable, or indeed feasible for many. It’s just too short a time span. It’s something that should require about 4+ years of heads-up, to enable everyone to prepare themselves.

In some ways it’s nice to have a stronger legislation to protect consumers etc - but if I think of all the people I receive email from, both professionally and personally, I have only received ONE GDPR related ‘please sign up again’ email. No online shops have done this yet for me, nothing from suppliers, you name it - I’ve not seen a peep from anyone about it yet!

I think it’s also wildly unrealistic for the EU/Gov’t to think small businesses can just do this at the drop of a hat - it’s taken us guys a long time (on our own time) to get to grips with all this, and on some bits we’re still clueless, and there’s still varying information coming out.
Especially given all the mentions of ‘get your company’s data protection officer to do all this for you’ etc. Small businesses, generally, haven’t got one! Especially micro businesses and one-man-bands.

We’ve done 2 seminars now, done lots of research, and there doesn’t appear to be an absolute stone-cold bulletproof ‘this is what you need to do’ that’s come direct from the originators of the GDPR legislation that lays it out in black and white. It just seems a bit of a mess.

But yes, I spotted that link to the online event, and have duly registered! The more information the better, in my book!

I guess it depends on how you opted in to the list in the first place. If you did it very explicitly then the company wouldn’t need to revalidate. I think one of the biggest concerns for event organisers is not necessarily their email lists - it’s quite easy to send out an email requesting re-opt in, but the change of systems they will have to install in order to be compliant when working with event data. This includes protecting ‘confidential’ information such as dietary requirements of attendees and employee details. They have to be very careful when sharing this information both outside the company and inside, and protect it from potential hacking.

I did a really interesting interview with the founder of Liveforce last week, which is event staffing software and we talked about the impact of GDPR. I think planners will have to move to more secure systems like this and stop organising in spreadsheets.

Absolutely right.

I was hoping that within Mailchimp etc there’d be a nice easy way to get people to confirm their opt-in status by clicking one button from an email. But so far not found anything like that. Just so it’s completely idiot proof and uber-simple for someone to just click one button to be re-authorised etc on a list.
Doesn’t seem like that kind of thing happens though, hence starting the new list.

But yeah, the mass of info event organisers could have on people, that’ll potentially be problematic. Luckily with us, we only have bare bones information; Name, Business, and Email address. That’s the lot. So in the grand scheme, I guess we’ve got it fairly easy.

Thanks @CrystalE Really helpful

Sounds like it’s going to make it more difficult for those of us freelancing on an event if new software is involved rather than “here’s our mailing list spreadsheet…please can you send them something…” Sure we’ll find a way though!

As an organiser of a large event this was something I wasn’t aware of. The roll out will catch out a lot of organisers.

Until a handful of months ago when a colleague of mine stumbled across it at a seminar, I hadn’t heard of it either!

I think the GDPR’s originators’ notifying of the business community has been abysmal! It should be massively-known common knowledge, and it’s still new for so many people; with such a short timeframe to get everything in order, too.

I agree. There should be a television awareness campaign, since all business owners will be affected.

Completely agree - it should be as widespread as HMRC’s adverts with that bloke that keeps going on about “Tax doesn’t need to be taxing…”.

As you say, considering this is going to affect every single business in the UK, it’s appalling that they haven’t done more to educate people. (With STILL a mass of misinformation out there)

It feels like speed cameras in the days they used to be more hidden - they’re just counting on catching people out to go after fines.

Maybe the Government thinks it’s not a priority because it’s an EU initiative and we’ll be out soon? Doesn’t mean it won’t still affect people though…