Steve Woolley, head of external affairs for CIM (The Chartered Institute of Marketing) is encouraging companies to get informed and act early with their data planning. 

New data laws approved by the European Commission last month, which are due to come into force in 2018, are likely to impact all areas of marketing for thousands of businesses across the UK. After years of planning, the laws are expected to bring definition, clarity and accountability to data practice – resulting in a transparent legal framework around the ‘Single Digital Market’. However, marketers need to start planning ahead. The General Data Protection Regulation (GDPR) will constitute a major shake-up for the industry, and so organisations and marketers should seek compliance advice from the Information Commissioner’s Office now so that they can prepare for the massive overhaul to follow.

The outcome of the 200 page reforms will lead to: the introduction of concepts such as the consumer’s ‘right to be forgotten’; raised levels of verification for opt-in consent; and requirements for companies to store consent permissions and unapproved data being deemed unusable. What does this mean for private and public organisations operating within the Eurozone? For some companies, it could mean a total rethink towards their approach and appraisal of data they – or their outsourced suppliers – already hold. For others, it will necessitate an overhaul to the way they do business. Those failing to comply could be fined up to 4 percent of their global turnover, or €20 million. Perhaps the most dramatic outcome is the predicted rise in demand for new data protection officers to be hired into thousands of organisations in order to meet some of the new regulations. Research by data protection recruitment agency GO DPO EU estimates that 33,000 data protection officers will be required for the financial services sector alone.