Hospitality
6 | Today | Summer 2017
and the ‘ GDPR ’
In this issue we shine the spotlight on the ‘ GDPR ’, the new data protection rules due to come into force in less than a year ’ s time . On these pages , the Forum of Private Business warns that many small businesses are totally unprepared and “ won ’ t be able to cope ”, and on a practical note , IP lawyer Medina Forson advises what hospitality businesses should be doing :
New Data Protection Bill risks being the ‘ death knell ’ for many small businesses , warns Forum of Private Business
The Forum of Private Business is calling on the Government to form a working group to consider the impact on small businesses of the proposed GDPR legislation , as a lack of clarity on what small business can and cannot do in terms of data use will lead to inertia through fear of breaking the new rules . The Forum cites four main concerns :
That only larger businesses , with in house compliance guidance or the budget to employ outside consultants , have paid any attention to what the implications of the legislation are . Inadequate guidance has been given by the Information Commissioner ’ s Office to help small businesses , and there appear to be areas of the Bill that are open to interpretation which do not give the clarity that small businesses need .
Whilst focus of the legislation is towards protecting personal data , there appear to be material unintended consequences that could impact small businesses .
The main focus so far , has been on how big business manages personal data and inadequate attention has been given to how these changes may affect small businesses .
The way many small businesses operate in today ’ s world relies on electronic communication with existing and prospective customers . Many businesses rely on email lists for their marketing , and the prospect of obtaining overt consent , and maintaining consent records , is one that many businesses will simply not be able to cope with .
Small and micro businesses already face a disproportionate cost of complying with regulations when compared to big business . The potential for many of them now to have to employ or train staff to deal with compliance on data management or buy online data management tools will be a burden that some will not be able to accommodate , and the threat of the draconian fines that attach to breaches of GDPR will be sufficient to lead some businesses simply to close down .