Not another GDPR email!


I think some companies are feeling nervous about their marketing activities
Seems to me that a lot of people are using GDPR as a marketing exercise.

At least it’s got some companies thinking about what information they hold, how they hold it and why the hold it.

It’s also giving individuals the chance to realise what information is actually held about them and question whether they have given permission.

So far this week alone I’ve had 22 emails asking me to opt in etc, 12 of those were from companies I’ve never dealt with. I do like the way if I don’t respond I won’t receive anything else from them. Great! Saves me replying 😎

The unsubscribe option.

If you don't want to receive an email from someone then unsubscribe. If they repeatedly send you stuff thereafter you have a couple of options ..

  • contact the Information Commissioner - this may take months for anything to happen as they will be busy or 
  • let the offending company know by posting on their social media sites (I suspect this will be more effective than going the ICO route for now).

 


Data security and retention

Not a lot of noise about his area of the new regulations but think about what personal date you have. Do you need it? How secure is it?

For electronically stored data. Do you have passwords to access your files at various levels. That's not a perfect solution but its better than nothing. If records were accessed can individual details be easy to assimilate. If you have to store passwords, encrypt them!

For printed records. Does it need to be printed? What's it for? Can individuals be identified? Did they give their consent? I think this is harder for small clubs and associations. For example a junior sports coach should have emergency contact details easily accessible during the session. Having it in a closed folder in a bag is better than a sheet lying around. In an office, how about operating a clear desk policy? Only have out (on your desk) what you are working on.

 

Individuals have to take some responsibility too

Individuals should take responsibility for keeping their data safe too. Using the same password of your pets name on every website isn't a good idea. You (as the user) don't know how the password is being stored. Incredibly Twitter have had a recent problem in that users passwords were stored in a plain text file prior to processing. 

What's a good password?

IT gurus recommend using three random words and some characters. Another suggestion I have is for sites that offer a forgot/reset password you could just create some random characters (hit the keyboard a few times) and every time you log in run the forgot / reset password option. You never know your own passwords then! 

Two step authentication

This is quite good. Consider a normal log in and then have a PIN number text to the account holders mobile phone. Once this is entered correctly access can be granted. This is possible using various external devices or apps for computer log in. A simple alternative is to email the account holder at stage two.

 

What next?

For businesses get in touch with your IT support provider and ask them to ensure you have an appropriate level of access to each computer. For individuals look for two step authentication apps for your mobile and tighten up your passwords.

 


  • Date posted:
    22/05/2018
  • Share:

View all articles

top job!

Jake Blackman, Blacktrac Compact Tractors

Cheers fella, great work!

Dean Headley, DCR Events

so supportive and helpful

Lynn Carson, Davis Optometrists

© 2019 csbs ltd t/a csb internet | web development and internet marketing for small businesses, clubs and associations

privacy / cookies

website cms powered by csb internet

01832 735306