Flame PR
  • Services
    • PR
    • Broadcast
    • Digital
  • Sectors
    • Tech PR
    • Financial PR
    • Retail PR
    • Blockchain PR
  • About
    • About Us
    • The Team
    • Portfolio
    • Careers
  • Blog
  • Contact
  • Services
    • PR
    • Broadcast
    • Digital
  • Sectors
    • Tech PR
    • Financial PR
    • Retail PR
    • Blockchain PR
  • About
    • About Us
    • The Team
    • Portfolio
    • Careers
  • Blog
  • Contact

​
​​Flame PR Blog

How to avoid a GDPR Crisis

24/5/2018

0 Comments

 

by Romana Shah

Picture

The biggest shake up in data regulation comes into force on Friday and it'll soon become clear which companies are prepared and which companies are struggling to comply by the deadline.

Leaving no industry untouched, this topic has been heavily debated amongst the press, at conferences and by companies all trying to get to grips with what they need to do in order to operate in a post GDPR world.

GDPR is constructed of a list of requirements around transparent processing & storage, data subject rights, personal data breaches, data transfer etc. but it does not have a prescriptive approach on how a company will evidence that it is complying with the legislation.

This has opened up companies to different interpretations on what complying looks like. Whatever a business decide PR professional play an important role in ensuring the relevant lines of communication stay open, specifically in the case of incompliance.

Develop a crisis plan

The regulation instructs that data breaches must be reported to European regulators and their customers within 72 hours. For PRs, setting out a crisis plan on the steps to ensure smooth communication in the event of a data breach is key to avoid a GDPR crisis.

As part of this process, developing preapproved comments that can be filled in quickly in the event of a breach can ensure your client keeps in control of the situation and mitigates any reputational consequences.
Constant monitoring of traditional and social media for any reports of the incident is key to also maintain control of the situation and the message you want to send out to both your customers, partners, suppliers.

Getting everyone on the same page

When there is significant processing of personal data within a business, they should assign a Data Protection Officer (DPO). The DPO will have the responsibility of advising the company about compliance with EU GDPR requirements. However, assuming they hold all responsibility over the data should not be the strategy a business adopts. No matter how big the company is, it is unrealistic for any DPO to be across everything that goes on in a business.

Any sort of change can fall flat if you do not get every member of the team involved in understanding the importance of what good governance and compliance looks like.

In order to avoid a GDPR crisis, businesses need to look beyond the deadline. It is not like an exam where you submit your work and wait for a pass or fail. There needs to be constant assurance and effort to ensure data management is maintained.
0 Comments

Your comment will be posted after it is approved.


Leave a Reply.

    Blog Archives:

    March 2020
    October 2019
    June 2019
    April 2019
    March 2019
    February 2019
    January 2019
    November 2018
    October 2018
    September 2018
    August 2018
    July 2018
    June 2018
    May 2018
    April 2018
    March 2018
    February 2018
    December 2017
    November 2017
    October 2017
    September 2017
    August 2017
    July 2017
    June 2017
    May 2017
    April 2017
    March 2017
    December 2016
    October 2016
    September 2016
    August 2016
    July 2016

About     International     Portfolio     Blog     Contact

​
​​37 Pear Tree Street, London, EC1V 3AG
311 West 43rd St, New York, NY 10036

020 3357 9740

​Sitemap