October 2016
Data Protection
17
Is your reputation at stake?
Simon Clayton
with a timely
warning about
the importance
of keeping the
right side of data
protection legislation
“It would never happen to you because why would
anyone want to hack ‘insignificant little you’?”
The UK has had data protection
legislation for nearly 20 years,
yet event organisations and
associations are still failing to
protect the personal data they
collect.
Every week we hear of
another company that has been
hacked – which means that
people’s personal data has been
acquired by criminals who are
selling it on. But most of you
won’t relate to this: It would
never happen to you because
why would anyone want to
hack ‘insignificant little you’?
But it should matter, because
associations rely on personal
CN-10-16-AEM.indd 17
data and, even more so, on the
trust of the people whose data
it is; yet how many actually
provide proper protection for
the personal data they collect?
More important, how many
understand fully their legal
obligations in this area?
It can seem daunting but,
as with health and safety
regulations, every association
needs to understand data
protection. Apart from the
damage to reputations when
data is stolen, the penalties
for failing to protect personal
data are likely to increase
dramatically soon. Strict new
legislation that will become law
in 2018 will increase fines for
data breaches to a maximum of
€20m or 4% of global turnover
– whichever is higher.
Additionally, on the 1 August
a new security policy came into
effect. ‘Privacy Shield’ replaces
the defunct ‘Safe Harbour’
agreement that was in place
to cover the transference of
personal data between the
EU and the USA. This new
agreement will affect you if
you hold or transfer data about
European attendees to the US.
That means if your registration
or database company stores
data in the US, data is sent to
a US company – or even if you
happen to log in and check
some attendee details in a web
browser while on holiday in the
States.
Data protection is something that
should be recognised as critically
important.
For more information and advice
on data protection within the
events industry, download this
free white paper: eventreference.
com/promo-www/datasafety/
download.php
Simon Clayton is chief ideas
officer, RefTech
22/09/2016 14:44