In May 2018, new data protection laws will come into effect in Europe. These regulations will fundamentally change how personal data is handled by business, small or large, across the world for EU citizens. In a complete legal overhaul, this is a hotly debated topic as a result of the looming deadline.
As such, small business and freelancing professionals alike need to be aware of, and prepare, for the oncoming legislation that GDPR implements. As being caught unprepared may lead to major consequences.
What is GDPR?
GDPR (General Data Protection Regulation) is legislation from the European Parliament which is intended to strengthen data protection for EU citizens.
As such, this will affect both companies in Europe and those outside of it who handle EU citizen data on a regular basis. It includes important information such as name, date of birth, physical address, email address, bank details and even a person’s IP address (many of the attributes that make up a person’s online presence).
Non-compliance by the designated deadline of 25th May 2018 means a large fine; either up to 20 million euros or 4% of a companies annual turnover (whichever is the largest sum). A fine which shows just how serious the issue of data protection has been taken by the EU in the case of GDPR.
The legislation states that this will affect companies with 250 employees or more, which may lead to the assumption that small businesses and freelancers are exempt.
However, it is not as simple as that.
The Effect on Freelancers
Freelancers, sole traders and small businesses with less than 250 employees will not be exempt from this new legislation. If you handle sensitive data - as outlined above - of any EU citizen then you need to prepare your small business in order to give them complete control of said data.
As a freelancer, holding client email addresses and bank information is almost mandatory, which means GDPR will greatly affect the freelancing community. A representative from Caunce O’Hara had this to say on the impending enforcement of GDPR for freelance professionals:
“Freelancing is currently a booming economy, with nearly 2 million people working in various freelancing careers around the country.
It is an extremely attractive profession even with the oncoming of Brexit and GDPR on the horizon. Of course, these things will cause a shakeup in the industry, but it will adapt.”
Such adaption, if it occurs, needs to happen now in the lead-up to the approaching deadline.
How to Prepare
So, what does freelancer preparation for GDPR look like? First of all, it means a complete audit of all devices used to store client information. The software that you use, the people that have access, permissions you have gained to hold this information and even where your server is located are all questions you need answers to.
After this, you need to ensure that security of data is a top priority. This means encrypting devices that you access client data on (typically your computer and phone) as well ensuring you have adequate protection from malware and viruses.
All data should also have a secure backup in the case of loss or theft of devices.
If you conduct a mailing list - even a small one - then you need to review your method of consent. This may mean asking people to opt back in, as well as making it clear what people are signing up for when giving you their email address. Easy unsubscribing options also need to be available.
Final Thoughts
Ultimately, the effect of GDPR cannot be truly evaluated until it comes into play completely. But, being prepared, even as a freelancer, is vitally important to avoid being an example for others. Being GDPR compliant is a simple process in the case of a freelancer, so long as you are willing to set aside the time to do.
Likely new advice will appear after the enforcement deadline, as well as best practices. For now, however, this is the best way for freelancing professionals to prepare for the oncoming legislation.