Why do you need to be aware of the new data protection regulations? How can they help your team and organisation?
Holly Bremner, from the Centre of Excellence, will be speaking at a special CIPR Local Public Service and CMI Southern webinar on Wednesday 6 December 2017 in the first of a series on understanding and implementing GDPR.
At the Granicus public sector conference in October 2017, together with my colleague Imogen Heywood and David Teague from the Information Commissioner’s Office, I explored the General Data Protection Regulation (GDPR), which comes into force on 25 May 2018.
The conference was attended by public sector communicators of varying levels, and covered a variety of subjects, ranging from how to survive when your budget falls, through to how to improve your citizen engagement.
I am a communicator, not an information governance professional. When I read a tweet from one of the attendees which said, “no offence to the speakers, but I am going to find it hard to stay awake for this one,” I had to laugh. You see, I suppose when I was a junior communicator that would have been my reaction to sitting through a one hour talk about policy change, possibly worse.
‘legislative change can bring opportunities for organisations’
But, having spent almost a decade and a half in the communications industry working for a wide range of charities and public sector bodies, I have learned to value the opportunities legislative change brings for organisations to re-engage with their stakeholders and position themselves appropriately.
And the GDPR is no different. Communicators are processors of people’s personal data, so they will need to know what the legislation will mean for them. But, it also provides some tremendous opportunities for communicators to build trust with their citizens, and have a different conversation about how their services are developed. They can position themselves well within their organisations, as the people who bring different departments together to make sustainable reform a reality. This is exactly what I spoke about at the Granicus conference.
Sounds too good to be true, doesn’t it? Let me explain…
There is a lot of fear surrounding the implementation of the GDPR, particularly amongst communicators.
Prior to the conference, we conducted a survey of public sector communicators through Granicus’ networks. There is significant concern about what the GDPR means for the existing data that organisations hold, with questions like “will we have to throw all our data away and start again?” popping up regularly. We understand where this worry comes from, particularly as there is an increased onus on knowing and documenting where data originates from, and ensuring it is being used for what it was originally intended for.
However, this is a real opportunity for communicators to use the new legislation as a chance to spring clean their data and ask themselves the honest question: “do we really know how we got this and are we actually engaging with the right audiences for our communications?”
Creating a conversation with citizens also provides further opportunities to rebuild trust and have a wider discussion about the future provision and design of services – positioning the communications team as an essential function in service reform and trust building.
Trust in public sector organisations is at an all-time low. Yet, public sector bodies have, for the most part, been handling their citizens data well for almost 20 years. To combat the negative publicity that will inevitably be surrounding the new regulation as we head towards May, public sector bodies have the chance to showcase all the good ways in which they have managed and utilised their citizen’s data. If this is done as part of a wider conversation around the design and development of local service provision, that conversation has the chance to reduce anxieties, and build the trust to co-design services with citizens, putting their needs at the centre. A win-win for all.
the GDPR is not to be feared –
design and development of services can help reduce anxieties
So, my advice is, don’t fear the GDPR. Make friends with your information governance lead to really understand what it means for you and your organisation. Read the myth busting blogs and get to grips with the 12-step guide to the GDPR from the Information Commissioner’s Office to alleviate your own fears. Familiarise yourself with the future guidance from the Chartered Institute of Public Relations (CIPR). Then develop a killer communications programme that harnesses the unprecedented media attention the use of people’s personal data will attract, to start a conversation locally that will make a real difference to how future services are provided and used by your citizens.
And, if you want a sounding board about your approach, the Centre of Excellence for Information Sharing is here, and I am always happy to chat through any comms related problems.
Blog by Holly Bremner
Head of Dissemination, Centre of Excellence for Information Sharing
CIPR Local Public Services Group Vice-Chair 2017-2018
Free resources and webinar booking