Monday, May 21, 2018

GDPR

I shall be doing a GDPR training course today. That means "General Data Protection Regulations" and the regulations concerned come into effect on Friday.

If you're experience has been anything like mine, it probably seems like every voluntary organisation you are a member of is worried about whether it can communicate with its members and what data it can hold about them, and is frantically trying to get permission to do so, and almost every company you have ever dealt with is contacting you to ask permission to continue to do so.

It is often said that many a true word is spoken in jest and there seems to be an awful lot of truth in jokes like a spoof article on the NewsThump site,

"New law designed to stop you receiving unwanted email generating terabytes of unwanted email"

which begins

"The new General Data Protection Regulation laws designed to stop everyone receiving unwanted email have resulted in the generation of billions of terabytes of unwanted email as every company ever is emailing you to tell you about it."

Apart from the minor detail that the main aim of the GDPR is supposed to be to give individuals and residents more control over their own data and not just to stop unwanted emails this allegedly "spoof" article is pretty much dead right.

Another joke I saw yesterday on Twitter

"He's making a list
He's checking it twice
He's gonna find out who's naughty or nice
Santa Claus is in contravention of article 4 of the General Data Protection Regulation (EU) 2016/679."



I'm trying to work out how much of the worry by various organisations is overblown. Half the responses to the tweet I have just quoted said things like

"No it's fine as long as he stores it properly and has a good retention schedule and documents it all properly."

and

"If all letters to Santa are now written on a pre-designed form, paper or electronic, with a double tick box, he should be okay."

And yes, this is an EU regulation but we have not left yet so it still applies to us.

I just hope the new rules are implemented with common sense. I know, that would be a first wouldn't it ....

2 comments:

Anonymous said...

I received such a notice about the 'General Data Protection Regulation' from Natwest Bank - they sent it to the wrong address!

Chris Whiteside said...

Doesn't that just say it all!