A frank and honest opinion for you.
This is not easy.
Yet you can do this. You can become a responsible data user. Your relationship with data protection and privacy can be simplified.
So whilst this is not easy to set up and keep running, it is a lot easier to handle than the alternatives, for example:
the loss of your reputation
the risk of harm to your business and to others
a loss of trust
loss of sales and revenues
looking like a prat
There are no quick fixes or easy-as-pie solutions.
If it was easy, every business in the UK would have a handle on their data protection and privacy duties by now and they have not. A quick glance through the privacy information published by most companies tells you they haven't.
Put yourself in the shoes of a customer or prospective employee for a minute and look at how data protection and privacy are presented to you.
Only a few organisations get this right. So ask yourself: For those who can't even get privacy information right, what else is missing?
Makes you wonder just how vulnerable each of us might be?
Perhaps we can agree then that this isn't easy.
Nor is it simple. This work behind this needs to be complex enough to match and support what you're trying to achieve whenever you want to use other people's information. Just complex enough and no more. It is possible to get carried away with this and make things too complicated.
In this context, "over-engineering" your privacy management is not always a good thing. Very good for Victorian railway bridges, not so good for creating flexible, relevant and usable privacy management systems. Which means there is a lot we can simplify.
The good news is this is what we can do for you. We make your connection with data protection and privacy simpler. We sit between you and the complexity.
Some outcomes are easier to achieve than others. Some things are easier to do than others - yet they all need to be done. They don't need to be complicated but they do need to be good enough to get the job done. We can help you with that.
You see, privacy and data protection are fluid things. They move and change all the time. The laws and regulations change. Their interpretation by regulators and courts of law are carried out on a "case by case" basis. It always depends on the specific circumstances and situations involved. Which means what worked for one contoller might not work for another. And what worked yesterday might not work tomorrow.
On top of all that, technology changes constantly. Which means you have a lot to keep up with.
Certainly, if you haven't done much work on this issue on the past few years, you'll find that many things which appeared to work just a few years ago are nowhere near what is required now.
Yet at the same time, some things are just as relevant today as they were twenty years ago.
No. None of this is easy.
It's tricky, slippery, confusing, frustrating and awkward but you've got to try to stay on top of your privacy and data protection responsibilities.
The consequences of not doing so are unpleasant. And I'm not talking about those fines. They were never really the primary risk to your business.
The real risk you run when you don't pay enough attention to this is in not being able to use personal data at all. Either because a regulator tells you you can't or because customers and employees vote with their feet and simply don't trust you with their information.
No trust, no data, no sales, no cash, no cashflow, no profits, no skills, no business.
So if you are looking for an easy solution to your data protection and privacy problems, this isn't it and you can save us both a lot of time by stopping right here.
On the other hand, if you're looking to simplify your relationship with data protection and privacy. If you want to find an approachable, friendly, knowledgable, innovative and slightly quirky service, then it's worth us having a chat.
We applaud the efforts you made so far. Although if we don't like them we'll tell you - and in the next breath give you some options for putting things right.
We don't do jargon.
We recognise that the data must flow if businesses is to be done. However we will always insist that the value in data relies on it being used in a transparent, safe and legal manner. In return we offer you standards, commitment and value for money.
We don't do, "compliance" in isolation. Indeed we believe that if you're focusing on compliance with a regulation and believe you're there to please the regulator then you're looking in the wrong direction. Regulations and regulators don't hold the data you need - people do. Your efforts need to face them and their personal data.
We regard this privacy and data protection work as being about people, above all else.
Your customers are people, your staff are people. They all have private lives. they all want to live them. They want to take advantage of the choices and rights they all have to make themselves less vulnerable. They have rights to uphold and obligations to respect.
Which is what responsible data use is all about.
So step up. Take your place in the modern data economy and play a positive role in protecting the value of personal data.
And remember it's not easy. But that's no reason why it can't be achieved, even enjoyable and importantly, rewarding for all those involved.
In fact, not being easy means one important thing for you to think about. Few of your competitors will bother to try. So a little effort on your part could reap rewards as you are able to compete for trust. Trust from the individuals you want to keep as customers or as employees.
Remember too, now you have a contact in the business.