What is GDPR? How to turn GDPR into our next competitive advantage & avoid the penalties!
Today, we are talking about General Data Protection Regulation (GDPR) and the due date for businesses to be compliant is fast approaching… May 25th, 2018.
We chat with Dr. Ann Cavoukian who gives us the low-down on the importance of GDPR, the relevance, the implications and some tools that will enable us to be prepared and turn this into our next competitive advantage.
Dr. Ann Cavoukian is recognized as one of the world's leading privacy experts. She is currently the Distinguished Expert-in-Residence, leading the Privacy by Design Centre of Excellence at Ryerson University. Her Privacy by Design framework is now the International Standard and has been translated into 39 languages.Dr. Ann Cavoukian has won numerous awards such as Top 25 Women of Influence in Canada Top 10 Women in Data Security & Privacy, Power 50 by Canadian Business, Top 100 Leaders in Identity.
- 40% of companies of are prepared for GDPR
- GDPR will be very positive if you can get ahead of it
- 92% of consumers are concerned about their privacy and loss of control
- Consumers don’t want this lack of control
- Lead by telling your customers that you’re protecting their privacy
- Make it a win-win prospect, this will build loyalty and customer trust
- GDPR applies to all 28 EU member countries – It’s one overarching regulation
- GDPR raises privacy dramatically and includes privacy by design
- Privacy by design is the strongest form of privacy protection because it’s proactive
- Privacy by default, which is the 2nd privacy by design principle is included in GDPR
- It says that the companies need to get customer’s positive consent – Opt-In versus Opt-out
- Need to make it clear on how we collect people’s information, what purpose they use it for and the ways in which they process the data
- Review what you are doing now, identify what customer information that you’re acquiring
- Consumers now have the right to have their data deleted at any time if they feel that is not required
- Each element of data collected needs to have a clear purpose and intent, in which consumers have provided their permission
- Need to get the consent from the customer – need to seek their positive consent
- Penalties – 4% of your global revenues
- GDPR is the starting point, but it will impact everyone globally
- Everyone wants to do business with the EU
- In Canada, our privacy legislation was pretty good, but now, it’s no now longer adequate. Canadian laws are going to be updated in order to be adequate and consistent with GDPR
- Personal data is defined as any identifiable information – this includes IP addresses, locations, cookies, preferences etc..
- Do Privacy by Design – do the 7 principles and it will show that you are acting in good faith the be compliant
- GDPR has been in the process for 5 years, so companies have had lots of time to get ready for May 25th, 2018 deadline
- GDPR is going to take a hard line on this
- You can have privacy and marketing and give consumer options
- Need to re-validate with your existing customers of which data they should be using
- Shouldn’t be using and keeping personal data forever, we should be purging
- Security breaches are becoming more and more common
- ICO.Org.UK – 12 Steps to take now –
- Privacy by Design – Seven Foundational Steps –
- Data Protection Self Assessment
- Direct Marketing Checklist
- EU GDPR – https://www.eugdpr.org/
- Article: Data Privacy deadline looms in EU, and yes, Canadian business must comply
- ITPRO Article: GDPR Preparation: 2018 data protection changes
- Article: GDPREU.ORG – Personal Data
I even published a blog about GDPR CanInnovate Blog
Have you seen the new CanInnovate resources & tools page, that provides different offers and discounts. Who doesn't love to save money?
Thanks again for tuning in! Would love to hear/read your thoughts and feedback. If you get a minute, perhaps even leave a review 🙂 I'm still channelling Gary Vee! Ratings and reviews are my oxygen!:)
Talk to you all next week.