Editor's Note: Take a look at our featured best practice, GDPR Privacy Impact Assessment (PIA) Template (Excel workbook). The purpose of this tool is to help you assess the risks data protection processes face during each processing phase and put the necessary steps in place to effectively start your GDPR compliance project.
How the GDPR Will Impact Corporate Events
* * * *
With the deadline for compliance with the European General Data Protection Regulation (GDPR) coming ever closer, you may be wondering how it is going to affect your corporate events. Designed to streamline the current legislation, the GDPR is intended as a means to address and provide for the personal data concerns of private individuals. For corporate events with a global reach, this means that you will be affected by the GDPR if any of your attendees or speakers are EU residents. Even if your event is held outside of Europe, you will still need to make changes to a number of basic elements when it comes to your event planning.
Are you affected?
For some reason, many people are of the belief that the GDPR will only matter in the event of a data breach, but it’s actually a little deeper and all-encompassing than that. One of the key criteria of GDPR is that businesses will face audits, and if they are found to be non-compliant then there is the risk of some very significant fines. Those fines alone should be enough to make you sit up and take notice of GDPR, with penalties of up to €20 million or a 4% fine on your annual global revenue. These amounts could be fatal to any business. In event planning, data collection is a given, whether it’s in the form of registration systems, social media listings or even survey results. When your business involves keeping track of visitor numbers, the names of attendees and their contact details, right up to disability requirements and dietary needs, it’s often a surprise to realize just how much data you have to hand.
Your security obligations
GDPR raises a number of new elements to consider when it comes to data storage and the information that you obtain. With the increasing number of costly cybercrimes that can affect any business at any time, you will have a strict time-limit to report any data breaches to the relevant authorities. Failure to do so means non-compliance and those heafty fines. Therefore, because of these reasons, many businesses including corporate event planners are opting to use resources like Torix, with their dedicated IT support and cybersecurity Reading expertise.
The importance of consent
Current laws mean that you can rely on implied consent, making it much easier to collect data and use it as your business requires. The GDPR will change that, and users will now have to give consent to having their data stored and details on just how that data will be used, with as much specificity as possible. Before you’ve collected one scrap of information in the build-up to your event, you will need to ensure that you provide the relevant information and give users the option to opt out of any data storage at any point. This will apply to the data that you already have on EU residents, including those from the UK. Your current data stores will need to be reclassified and destroyed unless you re-contact the individuals concerned and obtain consent.
GDPR is the biggest shake-up to the IT world since the start of the new millennium and will mean a greater sense of security for those that are concerned about who stores their personal data and how they use it. In light of the recent controversies, GDPR may be coming into effect at just the right time.
Excel workbook
This Excel Spreadsheet contains 3 parts:
The first part includes a plan of 35 activities that may be used to assess compliance to the EU GDPR and an indicative set of compliance controls.
The second part contains a full list of Data Protection Compliance Measures (strategies, plans, [read more]
Do You Want to Implement Business Best Practices?
You can download in-depth presentations on GDPR and 100s of management topics from the FlevyPro Library. FlevyPro is trusted and utilized by 1000s of management consultants and corporate executives.
For even more best practices available on Flevy, have a look at our top 100 lists:
- Top 100 in Strategy & Transformation
- Top 100 in Digital Transformation
- Top 100 in Operational Excellence
- Top 100 in Organization & Change
- Top 100 Management Consulting Frameworks
These best practices are of the same as those leveraged by top-tier management consulting firms, like McKinsey, BCG, Bain, and Accenture. Improve the growth and efficiency of your organization by utilizing these best practice frameworks, templates, and tools. Most were developed by seasoned executives and consultants with over 20+ years of experience.
Readers of This Article Are Interested in These Resources
65-page PDF document
This document describes a set of methods and tools that enable, facilitate and support you in assessing your data protection risks and executing a Data Protection Impact Assessment
(DPIA) for existing as well as for new products, services, systems, functions and information systems, that [read more]
|
|
Excel workbook
|
|
183-slide PowerPoint presentation
| |||
About Shane Avron
Shane Avron is a freelance writer, specializing in business, general management, enterprise software, and digital technologies. In addition to Flevy, Shane's articles have appeared in Huffington Post, Forbes Magazine, among other business journals.
