Over the last couple of months you’ve no doubt been besieged by emails from all sorts of different companies wanting to tell you about changes to their privacy policies.
There’s a reason for them: the General Data Protection Rules (GDPR), a new set of data protection rules from the European Union. The GDPR comes into effect on 25 May. Any business operating in the EU needs to get its data privacy practices up to speed, and quickly – thus the need to email you about how they’re going to treat your data from now on.
What does this mean for you? Apart from wading through all those privacy advisories, it means this: if you’re in business and you hold personal data about anyone within the EU, you need to get your head around the GDPR and, quite possibly, make some changes to the way you handle that data.
Streamline’s view is that GDPR is an opportunity for any business, no matter where it is based, to update its privacy practices. If you’re based in Australia or New Zealand, you’ll know that data protection legislation is under review in both countries and it’s very likely that those new rules will require upgraded practices in any case. Why not comply with GDPR and get ahead of the new Australian and NZ rules at the same time?
Where to start? We recommend a spot of self-education, using these resources. They’re refreshingly non-legal and, with one exception, they’re aimed at New Zealand businesses. Dive in, get informed, and get your data protection sorted now:
- A New Zealand Law Society introduction for NZ businesses.
- A plain-English GDPR summary from security and privacy specialist Axenic.
- Short and sweet small business guide from Xero.
- IT vendor Origin’s practical guide, including a useful ‘Is GDPR applicable to you?’ flow chart.
- An excellent 25-minute podcast from Radio New Zealand’s Bits+Bytes
- The European Commission’s own infographic-style explainer for small businesses.