I teach a range of data protection classes with different audiences, and, without fail, the question on everyone’s lips when they enter the room: “who cares?”
I am guaranteed at least one joke about the nanny state, and one comment about how we’re all so risk adverse nowadays we spend half our life covering our own backsides. At least two people will tell me how all data protection does is make their jobs harder. So, every class becomes a forum for promoting the value of data protection. And I do believe it has value.
Here are my top five reasons why data protection is important:
- It’s the law
There are consequences if you get it wrong. In May next year, the top end fine is €4,000,000. You can be individually prosecuted. You can be audited or issued with an enforcement notice. It’s a very foolish person that jeopardises their organisation, risks a fine in the millions of pounds, just because they can’t be bothered to put in a few basic compliance measures.
- It protects people
Data protection ensures that information with a risk attached for the individual is protected appropriately. It’s one of the reasons we have payment protection for online shopping, and encryption gateways on email accounts. It doesn’t always work out, no system is perfect, but think how much safer you are in today’s digital world because of it.
- Rights and freedoms
Data protection law, whether intentionally designed for it or not, supports all our other laws. It can help ensure we are treated fairly in the workplace; that public sector bodies use public funds correctly; and that our human rights are respected.
Without the Data Protection Act, or GDPR, we would have no way of accessing information about ourselves. We would have no way of stopping marketing calls that border on harassment. We couldn’t check that we were treated properly by a doctor, or where a credit agency had obtained information about us.
And, if someone does treat your personal data with less than the due care and respect it deserves, you can hold them to account.
Organisations that are trusted by their customers, or by the public, automatically attract more business. And, on the flip side, if people think you’re going to be reckless with their information… Well, how likely are they to give you that information in the first place? Would you? What is their opinion going to then be about the rest of your organisation?
We all have things we would prefer to keep private. Our medical records, for example, or our HR files. Data protection is all about making sure that when you want, or need, something to be private, to be protected, it will be.
I could go on…
Suffice it to say, get it right and the quality of how you care for people will be a selling point for your organisation. It could make you more efficient and save you money. It could open new doors for research and data sharing with other organisations, for how you use and monetise the information you have.
Yes, it effects what you do and how you do it. It does mean there are some things you might like to do, but can’t.
But, at the end of the day, it’s not about a risk-adverse, litigious society, a nanny state controlling our every move. It’s about our reputations, rights and freedoms.