I am very lucky to have a job I love. Over the last twenty five years, I have been managing projects and programmes across a variety of sectors from utilities to financial services. For the last nine years Iíve been working as an independent contractor specialising in the delivery of risk, process improvement or regulatory compliance projects for a variety of clients such as Trafford Council, the Co-op, Bupa and Royal London. Five months ago I returned to Royal London to be the Group GDPR Programme Manager. This was initially a challenge for a variety of reasons some of which I shared at the recent Manchester Change Forum.
The regulations are a significant change from the current Data Protection Regulations and, being new, there is limited regulator insight, but the ICO have issued guidance and data on the fines related to Data Protection and PECR. This information helps organisations identify which areas it would be sensible to concentrate on, such as 62% of PECR fines being related to marketing. It would be sensible to have a clear understanding of the legal basis on which you market to existing and new customers.
Despite lots of contact from specialist recruiters there are very few individuals with General Data Proection Regulation experience, but there are some with Data Protection experience, some who have experienced the ICO and lots of competent people experienced in supporting and managing regulatory change. The ICO are sensible and will appreciate honesty and transparency. Employing honest, transparent people will definitely benefit your programme.
Stakeholders are really nervous about GDPR. There has been considerable scaremongering in the press, £20m fines and 4% of global turnover amongst others! Employing a good Programme Manager will resolve this. Organisations need somebody to develop a realistic, comprehensive plan, then identify and manage key dependencies, risks and issues. Being able to communicate effectively is critical to the success of the project.
There are lots of strategic options for managing GDPR, which may or may not be a smart investment, conduct a cost versus benefit exercise before making any big decisions.
Organisations need to understand their risk appetite, do they want a gold plated 100% compliant solution or will an alternative be acceptable?
Tash has over 25 years experience, managing projects and programmes
across a variety of sectors from utilities to financial services. After
15 years at Centrica, Tash has spent the last nine years working as an
independent contractor specialising in the delivery of risk, process
improvement or regulatory compliance projects for a variety of clients
such as Trafford Council, the Co-op, Bupa and Royal London. Tash has
recently returned to Royal London to be the Group GDPR Programme
Manager. Tash has a large network and enjoys providing support and
mentoring in her spare time, which has recently led to her presenting at
the Women in Business Forum inspiring young women as part of an
Inclusivity and Diversity Campaign.
Find out more about the Manchester Change Forum here:
Manchester Change Forum
Return to view news articles
The Manchester Change Forum runs its second event in February around the implications of GDPR for businesses.