Are you prepared for new GDPR laws? Here are 5 Ways to Do So - Black Enterprise
Black Enterprise Magazine September/October 2018 Issue

Many U.S. businesses are not taking the new GDPR law seriously because it’s an EU regulation but if your business is not in compliance by May 25, 2018, get prepared for serious fines! General Data Protection Regulation (GDPR) is a strict set of new rules out of the EU controlling citizen data privacy, which replaces their 1998 UK Data Protection Act and goes into effect May 25, 2018. The ruling, which originally passed in EU Parliament on April 14, 2016, will have a major impact on US-based business and you have a short window to get prepared within your organizations. While this is out of the EU, it affects any business regardless of geographic location, as long as you do business with people based in the EU, and given the global nature of online and tech businesses, this could mean big changes for almost every business. 

 

If your company provides goods and services, or data collection and monitoring of EU residents, it now must be in compliance with these new regulations. Failure to comply can mean big dollars in fines up to 4% of your company’s total global revenue, or as high as 20 million euros, whichever one is larger for serious violators of the law, which includes infractions such as proper opt-in consent, responsible data transfer outside of the EU, and cyberbreach notifications. This new sweeping law will permanently affect the way data is used, collected, and stored for consumer protection.

Even companies like Salesforce recently appointed Lindsey Finch their SVP of Global Privacy and Product Legal to now head their compliance of GDPR.

So what can you do to prepare your business or organization for the May 25th deadline?

5 Ways to Prepare for GDPR

1. Don’t freak out

Jenni Brown, co-founder of Lyrical Host, has a tip—don’t panic. A lot of people are scaremongering or overcomplicating it, but take a deep breath and start by making a list of all the tools and services you use in your business and you’ll instantly feel a lot better for getting started—I know I did! 

2. Segment your email list communication and get consent

Ticora Davis, owner and managing attorney of The Creator’s Law Firm says: “I recommend small business owners segment their email list to determine whether they have someone from the European Union on their mailing list. If so, they should send a re-engagement campaign immediately to those prospects ONLY. There’s no need to obtain permission from non-European Union individuals. Ensure that you’re able to document that the individual from the EU has given you affirmative permission to opt into your mailing list. According to the GDPR, adding someone to your mailing list because they’ve opted into receiving a freebie, lead magnet, or attended a webinar is not affirmative consent to be added to your email marketing list. Consent from someone in the EU must be legal, clear, and affirmative. Pre-ticked boxes are not affirmative consent. Finally, ensure all the software you use is compliant with the GDPR, especially if they will be storing your clients or customers personal identifying information.”

3. Do you have security breach procedures? Get some!

Under the new law, you are expected to have a comprehensive plan just in case your EU customers are affected by a security breach at your company. 

4. You might be good, but what about third-party risk?

It’s not if a breach is going to happen but really when. GDPR requires your company to now perform Impact Assessments for any new procedures and changes to processes that are high risk to consumer privacy. Data security breaches that happen to your third-party affiliates could make your company liable as well. Check on your contractors, strategic partners, joint venture partners, and affiliates ASAP!

5. When is the last time you reviewed your data consent request? 

The answer better be today or before May 25, 2018. This is the perfect time to have a conversation with your team and review all documents that ask for consent to use personal data from your customers to make sure you are in compliance. I’ve ensured all of my customer/client information is accessible per account. This means making sure the customer journey is seamless and manageable for the end user to make privacy and profile changes to their accounts and includes ensuring that updates about the changes and terms of their privacy policy within their accounts (including emails sent to all users of privacy policy and term changes) are made public. My media team is currently creating a quick five-second how-to to prepare for the GDPR Regulations taking effect on May 25th.

 

Join the Conversation

Felecia Hatcher

Felecia Hatcher is on a mission to rid communities across the globe of innovation deserts by working with community leaders and government officials to create an inclusive and diverse tech/startup ecosystems as the Co-Founder of Tribe Cowork and Urban Innovation Lab, Code Fever, and Black Tech Week.. Code Fever is an initiative connects minority led startup founders to capital through their VC in Residence program, tech skills training for African American and Caribbean youth and young adults in the areas of technology and entrepreneurship through full stack development coding boot camps, in school programs and an annual weeklong emerging technology summit called BlackTech Week and in 2018 launched the Tribe Co-Work and Urban Innovation Lab to create innovation hubs in Black Communities. Hatcher has raised over 3 million dollars to support Code Fever's work which sits at the intersection of economic development and inclusive innovation. As an Author, Social Entrepreneur and the former “Chief Popsicle” of Feverish Ice Cream, Hatcher was named one of the Empact 100 Top 100 Entrepreneurs under the age of 30 by the White House and Kauffman Foundation in 2011, a 2014 White House Champion of Change for STEM Access and Diversity, Ruth Shack Honoree, 2017 Comcast/Nationswell Tech Impact Allstar, Echoing Green Fellow, a Black Enterprise 2017 TechConnext Game Changer and 2016 Innovator of the Week, Essence Magazine Tech Master, and featured on the NBC Today Show, MSNBC, FORBES, INC, The Cooking Channel, & Grio’s 100 African Americans Making History. For 7 years, Felecia was known as the “Chief Popsicle” and ran Feverish Pops a Miami based gourmet popsicle manufacturing company with clients like Google, Airbnb, Paypal, Cadillac, Adidas, and Wholefoods. The VC backed company had a huge social mission and donated to build community programs, which is where Code Fever was launched in 2012. Before launching Feverish and Code Fever, Hatcher worked as a marketing manager at experiential marketing agencies for technology and gaming companies Sony, Nintendo, Wells Fargo 2nd Life Video game as well as the NBA as the front office Marketing Manager with the Timberwolves/Lynx during its championship winning year. A globally sought-after keynote speaker presenting engaging talks at Walmart HQ, Google London, United Nations, White House Young America Series, Girl Scouts of America, SXSW, Coca-Cola HQ, FBLA, DECA, Knight Foundation, TEDxJamaica and countless startup events, colleges, and universities. Hatcher is also the author of 6 books. Hatcher is also the author of books: Start your Business on a Ramen Noodle Budget, Focused, Become an Epic Expert, PopPreneurs and the C Students Guide to Scholarships


MORE ON BlackEnterprise.com