No doubt you’ve heard a lot recently about the EU’s General Data Protection Regulation (GDPR). It’s an important piece of legislation, which we have had to adopt across all aspects of our business.
Here we touch on some of the areas of our business that this regulation has affected and speak with our Data Protection Officer Sean Lambert, to get his top GDPR advice for professionals & businesses.
What are some of the areas GDPR has heavily touched on here at Utilita?
Some of the most affected areas by the new GDPR regulations are Marketing, HR, Contact Centre and Fleet.
What has been updated across each of these department and the business?
All departments in the business are in the process of identifying and labeling data with its new retention periods in line with Utilita’s new retention policy. Training and new security measures have also been implemented across every department. Additionally, new breach reporting briefings and tests have been carried out across the business.
What has been updated within the Marketing Department?
Obtaining consent for outgoing marketing materials being sent out, such as email campaigns. We have also had to re-evaluate the way we use our cookies on our website and their use
How we collect data obtained from marketing events. New statements and rules have been implemented on what can be collected and when
What has been updated within our HR Department?
Changes & restrictions regarding who has access to personal & sensitive information
New processes have been created for ‘subject’s rights’
Development of HR systems to facilitate compliance regulations
What has been updated within our Contact Centre?
Restrictions & ring-fencing of information sharing between departments (now on a need to know basis, with access being granted from management)
Training on how to recognise subject rights
Changes to the Data Protection Act and how phone agents comply with this on a phone call
What has been updated within our Fleet Department?
Justifying the use of vehicle trackers and finding a lawful basis for this
Changes to how personal information (ID documents) is transmitted between the triad of fleet, HR and the drivers
Outsourcing requirements for third parties managing different aspects of fleet on the manager’s behalf
Information sharing requirements and compliance guarantees
What are Sean’s top tips for people regularly working with data?
Always be vigilant, personal data is hiding everywhere and it can be easy to miss it
Be fun, without making the subject interesting, you won’t get buy in from the organisation
Be approachable, if you aren’t, things will happen without your input, and compliance can become a nightmare
What about GDPR tips for employees and businesses?
If you are unsure ask for help, no one is perfect and will not know everything. It’s better to ask and fix a problem, then hide the problem and make it worse
It’s never too late, Data Protection isn’t something new, but if you have missed something, don’t be afraid to start fixing it
Remember, Data Protection applies to all areas of a business. Don’t leave anyone out!
Utilita Energy Limited, Hutwood Court, Bournemouth Road, Chandler's Ford, Eastleigh SO53 3QB
Registered in England & Wales No: 04849181 Regulated by Ofgem
Copyright © 2018 Utilita Energy Limited. All rights reserved.