Once more change is coming – and in a big way relating how you handle your information. If you aren’t already, you should be preparing yourselves for the GDPR (General Data Protection Regulation) which comes into force in May 2018. This is not just an IT issue, it also affects those operating from paper or spreadsheets. If you would like an overview view our other blog post here on the GDPR.
“If you don’t take the new GDPR seriously, you could face a hefty fine.”
Many community transport services are managing their schedules in spreadsheets or on paper and in doing so are increasing the risk for errors and making it difficult to establish effective controls and data processes which are required within the GDPR. Read on to find out how Road XS can really help bring you up to speed and in line with the new regulations. You need to take note of this change or face potentially a hefy fine down the road.
What is the GDPR?
The EU’s GDPR is the result of four years of work by the EU to bring data protection legislation into line with new, previously unforeseen ways that data is now used.
The UK currently relies on the Data Protection Act 1998, which was enacted following the 1995 EU Data Protection Directive, but this will be superseded by the new legislation. It introduces tougher fines for non-compliance and breaches, and gives people more say over what companies can do with their data. It also makes data protection rules more or less identical throughout the EU. Despite Brexit, the GDPR will still apply. The GDPR will take effect from May 2018.
How Can We Start Preparing for the GDPR?
Community transport service providers should start working now to understand how the GDPR will affect their services and standards or operation, including their current data security policies and procedures. You should at least do the following:
- Appoint Two Dedicated Roles: An individual to act as a contact point and data subjects and a data protection officer to ensure processing operations are compliant.
- Demonstrate Accountability: For all your data processing activities transparently. You need to check how the data flows throughout your organisation inside, and outside of it and prepare for data subjects (such as your passengers) to exercise their rights in areas such as right to be forgotten and to be informed when issues such as when a data breach occurs.
- Assess Your Data Processes: Take a close look at all your current processes and how the GDPR will impact them. You can then also assess the required changed you will need to make.
- Data: Govern and ensure the quality of your data, assess what data you have, what you’re using it for and consider how you can interact with individual customers, clients, or third parties. This is crucial for offering transparency and trust which is demanded from GDPR.
- Visit the ICO Website: Keep your eye on the Information Commissioner’s Office website for the latest developments here.
How Can Road XS Help Us?
Road XS has been built for community transport providers and offers most if not all features you require to meet the GDPR. This means that if you use and adopt Road XS you are a long way forwards in meeting your GDPR requirements. Please contact us for more information regarding this.
Road XS is a great piece of software which has been developed with this type of legislative change in mind. It also puts you in control of your data and ensures you maintain high standards throughout. It also means you can quickly and easily meet the needs of your data subjects information requests (your passengers and drivers).
With the new changes coming into force next May, community transport providers may need to make big changes. But don’t worry, we can help you transition across as we have already done a lot of the leg work for you. We are constantly managing Road XS with new updates surround cloud technology and data security.
As with any new standard it’s important that organisations start planning now. The good news though is we’re here to help.