How GDPR will affect businesses in the island

Isle of Man Chamber of Commerce president Chris Allen was one of the key speakers at a conference about the impact of the EU’s GDPR (General Data Protection Regulation) on the Isle of Man.

In this article, Mr Allen, who is general manager of Triumph Actuation Systems in Onchan, explains how GDPR could impact businesses on the island, and how Chamber is helping them to prepare for it.

A fine of â?¬20million, or 4% of annual global turnover, if that sum would exceed â?¬20million.

The fines which can be imposed under GDPR, if there is a breach of the principles of processing and data subjects’ rights, are a stark reminder of why preparing for this regulation is so important.

Also in the news

Marie Hainge honoured with AILO's James Ball Award

Man found guilty of death by dangerous driving launches fresh legal challenge

Men accused of supplying 629g of cocaine to face trial

Conditional discharge for man caught with cannabis too small to register a weight

As with any new legislation that has an impact on businesses, part of Chamber’s responsibility and role as the island’s biggest business network is to do what we can to assist members.

I’m pleased to say that Chamber has been proactive on the GDPR issue by distributing news updates, organising workshops, and creating opportunities for members to share knowledge and best practice.

Most importantly of all, we have been making sure that all our members appreciate the urgent need to prepare for it.

Last year, for example, we organised a very successful lunch with the information commissioner, which gave members an opportunity to hear directly from the regulator.

We have a workshop planned with the commissioner in March this year, and other events in the pipeline because we feel that it is essential that there is a continued focus on this issue.

The feedback we have received from our members makes it clear the challenges for small businesses and major corporations are very different.

In general, the main challenge for small businesses appears to be getting to grips with the requirements for GDPR because, in most cases, small businesses will not have a dedicated data protection officer or a compliance team.

Therefore, they are not in a position to say to their directors and managers: ’This is how we need to change how we hold our data’.

In this scenario assistance provided by Chamber can be of immense value for any businesses which don’t have the required internal capacity or in-house expertise.

We have been able to share guidance on the practical steps that small businesses need to take depending on the business, and the type of data that is held, processed, and stored.

For larger businesses and corporates, the main challenge appears to stem from the sheer volume and complexity of the data involved.

The bigger a business is, the greater the task to become GDPR compliant.

resources

Chamber has found that even Isle of Man businesses which are part of major corporations have had to invest a lot of time and resources to comply with GDPR. While Isle of Man branches of major corporations may be able to benefit from some of the groundwork done by colleagues overseas, much work still has to be done on-Island because there are unique differences in how it applies to the Isle of Man.

I think it’s fair to say that there aren’t many companies - on or off-island - that are actually celebrating the introduction of GDPR legislation, because there’s no hiding from the fact that it does create additional pressure on valuable time and resources.

However, it is important to recognise that this legislation does have advantages, and creates some interesting opportunities.

First and foremost, any steps to improve security have to be viewed as a good thing.

Cyber security breaches can have a devastating impact on any business, and compliance with GDPR will not only reduce the risk of a breach, but also minimise the impact of a breach should one occur.

Secondly, GDPR compliance requires businesses to improve data analysis and build-up a much more detailed understanding of their customers’ wants and needs - and that presents opportunities to strengthen business relationships with customers, and to gain valuable insights which in turn opens doors to improvements in marketing, sales and customer service.

Thirdly, companies which invest in people and processes to achieve - or even exceed - standards required by GDPR can reap benefits in terms of how this investment will improve the reputation of their business and brand.

In any sector affected by new legislation, there will always be some companies which meet the minimum standards, and others which stand out from the crowd by reaching the highest possible standards.

One obvious example would be in the banking sector where security is a growing concern for customers.

challenges

There’s no doubt that GDPR presents some significant challenges for businesses in all sectors of the island’s economy, and ranging from SMEs to major corporations.

It’s essential for all Isle of Man businesses, in all sectors of the local economy, to prepare for its impact.

Chamber is ideally placed to provide assistance and leadership on the impact of GDPR, and it’s therefore an issue we will continue to focus on this year.

How GDPR will affect businesses in the island

Newsletter Sign up

Comments