James Evelegh's editorial from today's edition of InPubWeekly.
GDPR – four letters to strike terror into the hearts of publishing executives – is coming, and I have a sneaking suspicion – call it sixth sense – that most publishers are not ready.
If you’re not 100% GDPR compliant already, then I do recommend that you watch a recording of the excellent webinar given this week by Circdata’s Hellen Beveridge.
A few things that stood out for me: GDPR puts power back into the hands of the data subject, not the data controller; there is no longer any distinction between B2B and B2C data; ‘honest’ and ‘responsibility’ were recurring themes (“be open with yourself and your customers about what you do – if you’re too afraid to say what you’re doing with your data, then you shouldn’t be doing it”); the need for proper data lifecycle management (you can’t just cling onto your data forever). There was loads more good advice.
Compliance date is 25 May 2018 and you need to get cracking now. It will take between now and then to make sure you’re ready.
Hellen identified one quick win you can (and should) do today: “If you’re still sending your data in unencrypted spreadsheets via email, you must stop it now – this is the single most important thing to take from this webinar,” she said.
In a nutshell, password it! And, communicate that password to the recipient separately, ideally using a separate device.
“This one simple procedural change”, continued Hellen, “is the first step to changing attitudes in your organisation towards data security.”
That’s me told…