Three easy steps to tackling GDPR, and sleeping better

By: Corrie Williams, Managing Director of Elemental
17 April 2018

Has GDPR been keeping you awake at night?

As someone who has run a business managing high-quality data for clients over the last decade, I too have had my fair share of sleepless nights.

You know your sales, marketing and business development campaigns need solid, reliable and up-to-date data. And you know GDPR is coming. But you may be asking: How much work is involved? What resources do I need? What’s the best way to approach this?

Whilst there is certainly pressure for us professionals to understand this subject and become GDPR compliant, let’s not get taken in by the hype around fines for non-compliance and data breaches which create unnecessary stress. My advice: don’t ignore it, but equally don’t let it absorb you.

To help you get started, I’ve pulled together an easy-to-read three-point action plan below. Read it, use it, and you will feel better about how to tackle your transition to GDPR-readiness.

1 Read up and research

It is important to find out what you are dealing with, so you need to do your research. And there’s no shortage of content: type ‘GDPR blog’ into Google and take your pick from over 11 million search results. Try reading all those before 25th May!

We’ll assume you are probably squeezed for time, so if you read just one other resource (other than this blog), make sure it’s the ICO’s helpful 12 step checklist to prepare for GDPR. It walks you through how to review your data processes, manage consent, create procedures for data breaches, manage accountability, and much more. It’s worth noting not all the ICO’s 12 steps may apply to you – only use what you need.

2 Plan your time, and prioritise

You already have a day job to get on with. You have people to manage, meetings to attend, clients to impress. Tackling GDPR won’t take five minutes. The sooner you start project planning this process, the better. The administration of the process alone will likely have an impact; here’s some rough timings we have experienced even before getting to delivery of actions!

  • Regular calls/meetings – 30 minutes per week
  • Actions from meeting – 1 hour per week

You cannot tackle everything at once, so be selective and shrewd about what you prioritise. One of the biggest areas of GDPR that affects us is around consented data, and something which is absolutely integral to our line of work at Elemental, so we’ve approached it first.

3 Get into good habits

Gaining consent, much like other parts of GDPR is about getting into good habits early on and ensuring you, and your team adhere to them. We made three immediate changes, which the team have embraced right from the off:

  • Added two columns to all new spreadsheets (this could be your CRM), capturing ‘Verbal Consent’ and ‘Written Consent’ – simple, yes, but effective.
  • Make verbal consent part of our telemarketing scripts. If you are targeted and relevant with your telemarketing calls, the chances are you have built up trust and they will agree – but it is vital to ask, no excuses.
  • Ask for written consent as part of fulfilment email and information. If you ask for consent whilst they are engaged with you, and you’ll increase your chances of getting it.

What now?

Well, don’t wait at all. You should have enough guidance and motivation to get going.

If you start this process, or have already started, and feel overwhelmed, we have a team of highly experienced professionals on-hand to offer bespoke approaches to reviewing, gathering and managing consented data, giving you peace of mind that GDPR will not stop you getting some much-deserved shut-eye.

Sleep tight!