Exhibition News October 2017 - Page 15

AGENDA Marketing in the GDPR age On 20 September, more than 150 event profs descended on Sandown Park Racecourse for the seventh EN Race Day. This year’s topic was the issue on everyone’s minds: General Data Protection Regulation Christine Andrews, managing director, DQM GRC The UK’s Information Commissioner, Elizabeth Denham has described what she expects organisations to have in place by May 2018, when GDPR offi cially comes into force. For her there are three important words: accountability, demonstrability and transparency. And she talks mostly about accountability. Accountability means being able to demonstrate that you comply with the principles – most of which are in the current Data Protection Act but have been enhanced under the new data protection regulation, but it also states that it is explicitly your responsibility. You have to step up and say, ‘I’m accountable, this is my responsibility and I understand what I need to do’. The second thing that’s important is implementing appropriate technical and organisational measures so you can demonstrate that you comply. For example, having an internal data protection policy is the fi rst tick in the box, as is doing things like staff training. Where appropriate appoint a data protection offi cer. You should also implement measures that meet the principles of data protection by design and default. That effectively means getting data privacy into the DNA of the company and not thinking about it as an afterthought. The important thing about this regulation is that it elevates privacy, and the right we as individuals have to data privacy, to a human right. It’s about getting people to do the right thing with consumer data. So it’s really important you’re clear and transparent about what you’re doing with individuals’ data. It’s about allowing