However, everyone appears to be quite fed up with all the GDPR talk. Just the four-letter word in itself raises the same expression “yes, we’ve talked enough about that already”. In over 30 years of working in the finance industry I can honestly say that in my experience this has to be the most spoken about regulation, and one that has many people literally panicking to make sure everything is in place.

We have all heard that it’s about the “what”, “why” and “where” – what we hold, why we hold it and where we are storing it. But, what about the “how”? – how do we do this? I have heard people say on several occasions that they have attended every course possible on GDPR, they have read every article on GDPR, and yes, some (in fact many) are still none the wiser. That’s because every business is different. We all know that it is vitally important for each business to understand their own data requirements. It’s how to do exactly that which is causing concern.

It is not a simple case of providing a suite of documents as a “one size fits all”. It’s about understanding your clients and your business needs. Be clear about the data you are processing.

The Data Protection (Bailiwick of Guernsey) Law, 2017, is to protect the rights of individuals and the free movement of data; in doing so, we should ensure that our information is clear, that it is provided in layman’s terms, and not baffle everyone with phrases that require further explanation. My thoughts on this is that it is good to talk! Why don’t we all put our heads together and discuss the practical aspects of what is required for the benefit of the Bailiwick instead of each organisation trying to create something a little different to the next and hoping theirs is better?

Let’s all work together to make sure organisations in Guernsey develop and maintain an ethical business by ensuring data is held in accordance with the regulatory requirements. Let’s continue to put Guernsey on the map to provide an excellent choice for business development.

Let’s do it in a practical way that is relevant to our specific business, and let’s give it some meaning and some purpose to ensure it does not just turn into a tick box exercise now that 25 May 2018 has been and gone. It could end up being an extremely expensive *tick* with the fines that could be enforced. Further discussion on practicalities is required.

The Office of the Data Protection Commissioner dataci.gg has produced some very useful guidance to help, along with questionnaires and templates for use.

The above is the opinion of Ms Fox and does reflect the views of Bailiwick Express.

You can find out more about Platinum Compliance and Platinum Board Evaluation here. 

Pictured top: Lindsay Fox