Two upcoming UKA Live webcasts will explore contrasting implications of the General Data Protection Act – the need to deal with subject access requests and the potential to accelerate a move to the cloud
Impending implementation of the General Data Protection Regulation (GDPR) is giving rise to a few anxieties in the public sector, but there are also reasons for it to stir excitement.
It comes onto force on 25 May, providing a new regime of data rights for citizens and obligations on organisations in the public and private sectors. The Information Commissioner’s Office has indicated that it does not intend to take a hard line on 100% compliance from the first day, but it will require that public authorities show they are taking significant steps towards meeting these new demands.
This will be a tough job for many, as the guidance on how to deal with the fine detail of the regulation is still evolving; but there will be no excuses for sitting back and expecting an extended period of grace.
At the same time, it could accelerate the technology change that will help many organisations become more efficient. UK Authority and Tisski, an expert in CRM and ERP systems, are planning two online events on one day – Wednesday 21 March – to help understand one of the big demands and a major opportunity.
Citizens' rights and subject access requests
A major requirement of GDPR will be in meeting the citizen’s right to make a subject access request, free of charge, for the data an organisation holds on them. This is more than a theoretical demand: it is expected that plenty of people will make requests for their data, especially around health and care services.
Public authorities will need to have full control of their data in order to be able to respond, which means an in-depth understanding of what their digital systems can and cannot do. There are questions around whether they need specific software, how records can be managed on existing CRM systems, how easy will it be to pull the information together from disparate back-office systems, how should they adapt their processes, and what are the cost implications in terms of time and resource?
In the first webcast a panel of experts will discuss these issues, with particular focus on health and social care, and take questions from the online audience to help viewers understand their readiness for GDPR and subject access requests. It provides a chance to grasp the full implications and prepare your organisation to respond effectively to requests.
Breaking the ties that bind
But the regulation could also provide the opportunity to break one of the barriers to positive change. Most organisations now see the benefits of a migration to cloud platforms, harnessing its ability to support automation, data analytics and storage with a significant reduction in costs. But many are held back by an entanglement with legacy systems or fear of the effort and costs involved in the change.
GDPR will demand change, and the need to address the state of data management, technology and processes will also provide an opportunity to break those barriers. As public authorities respond to the need to comply, they will have the ideal time to jump start that crucial move from legacy to the cloud.
Again, the details and possibilities will be discussed by an expert panel, with another round of audience questions, enabling viewers to consider how they could combine the moves for compliance with the migration to new platforms and services. It provides for another crucial step in the transformation process.
UKAuthority has full editorial control of both discussions, which will be broadcast with the support of Tisski. Both events are free of charge.
For more information, and to register for either - or both! - of the webcasts, go to the following links:
GDPR and subject access requests – Wednesday 21 March, 11.30-12.30 am
Breaking the ties that bind: from legacy to cloud – Wednesday 21 March, 2.00-3.00 pm