First GDPR Enforcement Notice, as Firms also Struggle with Subject Access Requests
On the 25th of May 2018, the General Data Protection Regulation (GDPR) came into effect, bringing sweeping reforms on how organisations handle personal data and manage communications. In the build up to the introduction of GDPR, many of the headlines about it related to the financial penalties that could potentially be levied against non-compliant organisations.
Under GDPR, the maximum fines for non-compliance are up to four percent of global turnover, or €20,000,000 (whichever is greater). At the end of September, AggregateIQ – a Canadian political consultancy and technology company – became the first company to be issued with a GDPR enforcement notice, by the Information Commissioner's Office (ICO) for GDPR non-compliance. Since then, Facebook has also been linked with potential fines, following a breach that exposed user data.
Although these fines will act as a stark reminder for firms to ensure that they are doing all they can to comply with the new regulation, the mere link to punitive action as a result of non-compliance can be very damaging to brand equity and corporate reputation. Perhaps more significantly, however, is the risk to trust in your organisation by customers, suppliers and other stakeholders.
Abuses and breaches aside, recent research has shown that there are some aspects of compliance with GDPR that organisations are struggling with. One such aspect is Article 15, relating to managing requests from customers and other stakeholders about the data that is held on them. Anyone is entitled to issue such requests, which can include confirmation that data is being held on them and being processed, access to the personal data held on them, and other associated information.
Companies that process personal data of any sort need to be aware of how the regulation addresses them directly and the obligations it imposes. For practical tips on meeting the requirements of GDPR, Neopost has produced the ‘Guide to Managing GDPR’ which can be downloaded here. It focuses in detail on compliant communications and managing access requests, so if your organisation has any issues around aspects like Article 15, it may be particularly helpful.
Download our free guide to managing GDPR HERE.
Neopost introduces the DS-64i folder inserter
Folding documents and inserting them into envelopes is a particularly time-consuming activity that can jeopardise getting mail out on time. If staff have to physically prepare all mailings ready for postage, the end-to-end outgoing mail process can be a lengthy one.
How to improve the security of your outgoing communications
When mistakes happen in business communications it can be embarrassing and costly - it can even be a security issue. If marketing mailers don’t reach their intended recipients, it’s a waste of money; if a customer is sent the wrong product information, it can jeopardise a business relationship, but if...