How safe is your data?

Before launching The PA Portal, I was quick to recognise that as a new business owner I needed to become much more social media savvy.  So, what did I do?  Well, I went on some courses and stalked the hell out of lots of other established Virtual Assistants.  Not in a creepy way, just for educational purposes of course!

I quickly worked out that stepping into social media marketing would not only get my business name out there, and drive traffic to my website, but it would open up those ever so important communication channels with future potential clients.  But when I’d gathered my client’s contact information, what should, or could I do with it? Time then for more research, especially around that sticky subject of ‘data’.

Registering with the ICO

Most people know that you can’t just collect anyone’s personal data. However, did you know that under the Data Protection Act 1998, every organisation that processes personal information needs to register with the Information Commissioner’s Office (ICO)?  It’s a criminal offence not to.  For me, it was a no-brainer.  I offer a wide range of confidential services, and really get involved in all aspects of my client’s businesses so I didn’t delay, I registered The PA Portal straightaway.

It’s not just about paying the annual charge, I’ve also got to ensure I have processes in place. It’s essential that I follow the right protocols to protect my client’s sensitive data when it’s in my hands.  When we’re talking data, I think it’s also important to think like a consumer. We are all consumers of something.  I want the companies that I interact with on a personal level, to ensure that they are looking after my data sensibly too.  But are they? The answer is – if they’re not, they soon will be.

Change is coming – GDPR is on its way!

The powers that be are making it harder for the social media giants like Facebook, Twitter and the tech God Google,  to hold and retain your personal data.  We are all going to have a little more power back when the new Data Protection Bill comes into force. Sounds good. It will make it much easier for us to find out how companies are using our personal details, including our browsing history.  Plus, the Bill will also greatly increase the “right to be forgotten” – allowing us to make those companies delete that most personal of information.

What’s great is that companies will need to be more upfront about how data is collected.  No more forgetting to untick a box.  You won’t be tricked into giving your data unless you give your explicit consent. Phew!

These are the rights that you’ll have

1. The right to be informed
2. The right of access
3. The right of rectification
4. The right to erasure
5. The right to restrict processing
6. The rights to data portability
7. The right to object

When is it changing?

You’ll be hearing a lot more about all this legislation next month, as it’s going to be announced in the Queen’s Speech when Parliament resits after their soggy summer break. Remember, you heard it here first!  You may also see it referenced alongside the General Data Protection Regulation (GDPR), which comes into force across all EU nations on 25^th May 2018. The UK’s new Data Protection Bill sits alongside it.  A significant factor in all of this change is that the ICO are being given much tougher powers. The maximum fine is soaring from £500k now, to a whopping £17 million or 10% of global turnover. Big news.

If you’re a business owner or deal with customer data at work, I’d suggest you start doing your own research into this now.  Get ahead of the deadline. There’s a lot more info on the ICO website, and there are specialist companies out there that can guide you through the process and get your data all locked down.

I’ll be advising all my clients to review their data practices, and supporting them to get their procedures watertight ready for May next year.

I think we all need to be aware of our own data. The PA Portal can help you to stay safe out there.