GDPR Is Coming
The implementation date for the EU Data Protection Regulation (GDPR) is 25 May. Despite Brexit, UK businesses will need to comply.
In order to maintain business links with EU countries, the UK will need to create EU equivalent rules and regulations. GDPR is an example of this and must be complied with if businesses want to trade with the EU. The GDPR regulations are more favourable to consumers than businesses.
As personal information becomes more regularly shared and businesses now hold huge volumes of customer data, there is a need for management and control over what businesses can do with that information.
GDPR gives regulators the ability to apply large fines of up to 20m Euro or 4% of global annual turnover – whichever is higher, for non-compliance. As such, businesses need to take these new regulations seriously and will need to implement changes to the way they operate, depending on the type of personal data that they hold. This will include customer records, databases, CRM systems, etc.
In addition, firms will need to ensure that they have appropriate policies and procedures in place with regard to any personal data that they hold or process.
It’s also worth reviewing supplier contracts to ensure that these contracts are GDPR compliant. Finally, your recruitment and HR policies and procedures should be reviewed to ensure that personal data is managed in a way that is compliant with GDPR.
There isn’t a lot of time left before GDPR comes into force. For businesses that haven’t yet prepared for GDPR, the best approach is probably to consider hiring an external consultant to advise the firm on getting up to date as quickly as possible.
Diversity & Inclusion
Thanks to recent coverage in the global press, diversity and inclusion in the workplace has become an even greater priority for businesses.
As the UK population becomes more diverse, the businesses that embrace diversity and inclusion are more likely to be able to relate to their clients and target sectors, therefore improving their chances of winning new customers.
A truly diverse business is a firm where there is a balance of gender, age, race, religion, ability and sexual preference.
An inclusive business is one which gives all of these people an equal voice and equal access to opportunities across the firm.
The benefits to a business are well documented. A more diverse and inclusive workplace will lead to a wider variety of ideas and perspectives, more engagement among employees and can generate more innovative ideas. All of this is good for productivity.
So what can small and medium sized businesses do in order to build a more diverse team? One of the first steps a business can take is to make an effort to remove potential barriers in the recruitment and selection process. This will increase the available talent-pool for a particular role and allow the firm to select the best person for the job, regardless of their background.
The next step you can take is to ensure that your existing staff receive some diversity and inclusion training. This will ensure that if / when your team members encounter diversity or inclusion related issues, they are better equipped to deal with those issues in the right way.
The objective for this type of training should be to ensure that your team is aware that people from all walks of life can bring something to the table.
Finally, you and your management team should lead from the front. Policies and procedures should be reviewed and updated and the business should be managed in a way that encourages inclusion.
Instant messaging versus email
For most businesses, email remains a key method of both internal and external communication. However, there has been a significant rise in the popularity of instant messaging. So what does this mean for you and your business?
Most of us receive far too many emails. In response, businesses have begun to move to instant messaging as a means of internal communication.
Instant messaging apps work well for casual, brief communication between employees and departments across a business. However, email is likely to remain as the key way to communicate with customers in a business context.
Instant messaging platforms that work well in our personal lives may not be appropriate in a business context. Business communication platforms must have an appropriate security wrapper around them and the firm needs to be able to manage these communications platforms centrally.
These requirements have driven the development of business focused instant messaging apps such as Slack.
As instant messaging has started to become more popular, businesses face a new security risk that must be managed. For many firms, the solution is to implement an enterprise messaging system or app. In addition, businesses need to invest in appropriate training for staff so that they use messaging apps in a way that is secure.
Creating a disaster recovery plan for your business
A disaster recovery plan is a documented process designed to help recover and protect a business and its infrastructure in the event of a disaster. It provides a clear plan of action to be taken before, during and after a disaster.
A disaster could be man made or a natural occurrence. A disaster recovery plan is designed to allow your business to get back on its feet as quickly as possible. In terms of managing risks to your business, a disaster cannot be eliminated from your risk register. You cannot prevent a disaster from occurring but you can manage your business through it.
The first step in creating a disaster recovery plan is to make a list of all the office jobs / tasks that would have to be relocated to an alternate location so the business can continue to run. Identify the most critical roles and create a list of the areas that should be prioritised in order to ensure that the business can continue to run during a crisis.
The next step is to identify alternative office space. This could be a serviced office at a nearby location that can be up and running in a matter of hours. You don’t need to rent this space right now. Instead, you should just identify a number of alternatives that could be up and running quickly, if needed.
You should ensure that your firm has sufficient insurance and budget available to handle a disaster situation. For example, if your office was wiped out due to a fire, you would need to have a budget available to purchase necessary office equipment, computers, etc. to get your business back up and running as quickly as possible.
Most businesses are highly dependent on I.T. You should have your servers and systems backed up at a secondary data site. This data site should be accessible in a disaster situation so that your business can continue to function.
Finally, you should document a list of key personnel and their contact details. In the event of a disaster, they should be contacted in order to make alternative arrangements for the firm.