The EU’s General Data Protection Regulation (GDPR) will come into force on 25 May and have a significant impact on businesses of every shape and size. In simple terms, the GDPR will change the way businesses collect, store and use personal data, with implications that go far beyond IT and impact the way marketing and sales activities are handled.
Research has shown that even global businesses aren’t ready for the new regulations, with just a third (33%) currently having a plan in place to comply with GDPR. For international organisations, preparing for GDPR will require training in every part of their business to understand how to handle the new rules. It could also be necessary to put new language resources in place to meet the requirements of the regulations.
How could GDPR affect your business?
If your business has customers in the EU then the GDPR rules will impact the way you store, process and share their personal information. Failure to comply with the new rules could lead to fines of up to 4 percent of annual turnover. And, although the GDPR is an EU directive, the UK government has confirmed the new rules will be implemented regardless of the form our withdrawal from Europe takes, so don’t think Brexit will save you!
On a day-to-day basis, GDPR will bring significant administrative responsibilities. For example, if anyone asks to see what information you hold about them, you will have to respond within 40 days with copies of all their personal data and details about where the data has come from. Consumers will also have the right to move, copy or transfer data from one form to another so this need for data portability will have to be met.
Clearly, these requirements are going to be challenging for many businesses to meet. Here’s a 12-point checklist (pdf) from the Information Commissioner’s Office to help you prepare for the May deadline.
The linguistic challenge
So what linguistic challenges does the GDPR introduce? Well, one of the requirements of the regulation is that data holders must communicate with those they hold data about in the event of a breach.
That means, if customer data is stolen then organisations must notify the affected individuals ‘without undue delay’. You need to tell them what has happened, what the consequences are likely to be and what they need to do to protect themselves. The rules also state that this should be done in a dedicated message that must be clear and concise.
But drafting a letter to explain what has happened and what customers need to do might only be a small part of your obligations. If there’s a significant data breach, you may also need to set up a dedicated response team to handle customer queries in whatever language they speak.
How can we help?
So how do you communicate clearly when you hold data about customers from around the EU? That’s where an outsourced language team can help.
At Linguistica International, we can work with you as and when you need us, creating word-perfect messages for your EU customers and dealing with any queries you receive quickly and efficiently. For more information, please call 02392 987 765 or email firstname.lastname@example.org.