Over the last several months the media has been bombarding us with information about the power of big data. Stories focused on Cambridge Analytica have started a feeding frenzy concerning data protection. Data gathering which allowed organizations to offer more tailored, targeted and personalized products and services are now being questioned for how they gather data. While many of us as consumers benefit from this type of information gathering, it does raise some ethical questions. Many of us are being bombarded with notices about the upcoming EU new data laws (GDPR). These emails are vague, and sometimes highly technical. I'm asked daily, "What is GDPR and how does it impact us?".
In a nutshell, GDPR ( The General Data Protection Regulation) Act will be enforced across Europe starting May 25, 2018. The primary aim behind the new law is to give EU citizens more control over their data and create uniform rules on how data is gathered. I'm in the US, why should I care?Although this law EU based, it will have a global impact. It will affect any business holding personal data on customers, sales leads or employees based within the EU. Cross-border organizations can be fined for not complying with the law. So what are the new rules?
The rules are very complicated but can be addressed by taking simple steps.
Make sure the consumer consents to giving you the data. Permission is easy enough to do. ( Online subscriptions, sign up forms, etc.)
Know what data you have, and why you have it.
Manage the data
Assign someone to be responsible for the data
Encrypt sensitive data
Create a data security culture
Erase any data when requested
About the author-Kimberlie Gilliland-Sikora is an Assistant Professor and Director of Institutional Advancement at Star University. Additionally, she is the Executive Director to the Cherokee PINS Project Foundation and a contributor to BoDi Concepts.