With European General Data Protection Regulation (GDPR) coming into effect in May next year, time is getting tight for us all to prepare.
Back in March this year we discussed this topic in a joint meeting of SIG-Marcomms and SIG-MSP, with a focus on impacts for our services and marcomms activities. The notes are here (https://geant.app.box.com/s/uwvlydyc13r3hz9gx9vk4l6443ebnlag and a blog is here (https://blog.geant.org/2017/02/28/sigmarcomms-in-gear-for-gdpr).
The marketing communications special interest group SIG-Marcomms anticipates new EU regulations.
A little shocked by what they heard at their Poznan meeting on 7-8 March, SIG-Marcomms participants resolved to roll up their sleeves and prepare – for the May 2018 onset of the European Union’s General Data Protection Regulation (GDPR).
How many of the meeting’s 30 participants had known these regulations were coming? Less than half. How many of them were aware that their organisations had started to prepare? Around a third. And how many had begun specific actions to address the impacts on their marketing and communications activities? Only two.
Leading the group through the Regulation’s complicated terrain was Andrew Cormack, Chief Regulatory Adviser at Jisc Technologies who regularly blogsabout such matters. This apparently dry topic proved a rich source of discussion as he clearly outlined the implications for national research and education networking organisations (NRENs); in particular their federated access management, incident response and clouds services, as well as their management and use of mailing lists and record keeping about consent.
Recognising that gearing up for this will mean quite some work for many NRENs, the SIG-Marcomms participants explored what could be done to prepare, what positive aspects could be found, and what possibilities there may be for community collaboration in this area.SURFnet will add its processor agreement online like a stamp online in the catalogue.