The law of unintended consequences has provoked a wry smile from myself several times in the last few weeks.
I, like I am sure virtually every single person reading this column, fight a continual and losing battle against the massive volume of correspondence which crashes tsunami-like into my inbox every single day.
From press releases, circulars, personal matters and a never-ending stream of ‘special offers’ my email accounts, personal and work-related, receive around 1,500 messages per day.
Naturally, such an amount of messages is unmanageable and I would need another two or three of me to keep on top of it. You will all, I am sure, have similar accounts on this matter.
However, alongside the “Hi Mark, just checking you had received this message” style emails, forwarding something which doesn’t interest me at all once again into my inbox, I have seen a new breed of email enter my screens in recent days.
It concerns the forthcoming introduction of Global Data Protection Regulations, or GDPR to the man in the street. It requires that you reaffirm your desire for x, y or z company or body to keep sending you emails about whatever they are up to. These new EU regulations kick in this year and place stringent regulations concerning the management of people’s data.
In an era when people’s data is harvested at will by faceless agencies from the likes of Facebook and unscrupulous hackers can threaten the sanctity of individual’s personal information by hacking the likes of the NHS and Talk Talk, it is good news for consumers.
However, for many small firms, it is a logistical and operational nightmare. In a world where so much commerce and communication is done online, making sure that information is protected is a tough yet necessary one.
Good advice on how to comply is readily available via quick Google search. However, troubling news about the levels of preparedness seen among Yorkshire and the UK’s firms was issued this week by law firm McDermott Will & Emery.
Research carried out on its behalf by the Ponemon Institute has revealed that many companies are behind schedule to achieve compliance by the looming May deadline.
The survey results show that 40 per cent of companies only expect to achieve compliance with the regulation by the May 25 deadline.
The McDermott-Ponemon study surveyed companies across the US and Europe on their understanding of the impact of GDPR and their readiness for it. Key findings showed 52 per cent of the companies expect to be compliant on or before the deadline and that an additional 40 per cent expect to become compliant after the deadline.
This leaves some eight per cent of companies not sure when they will achieve compliance.
Moreover 60 per cent of respondents say GDPR will “significantly change” their organisation’s workflows regarding the collection, use and protection of personal information, with 71 per cent acknowledging that lack of compliance could have a detrimental impact on their ability to conduct business globally.
The survey shows that companies are investing heavily in attempting to achieve compliance. The average annual budget for compliance is $13m, according to the findings.
It is easy to see why some firms are so anxious about this tipping point in how they manage data. Failure to comply can result in whatever is the greater, a fine of £17.5m or up to four times of the annual worldwide turnover.
Experts in such matters assure me that the regulators are not going to begin scouring every single SME looking for stringent compliance from the end of next month.
However, perhaps the imposing of GDPR will have the welcome effect of reducing the endless flow of worthless information. Recent research from Forbes suggested reading and sending emails takes up a quarter of the average worker’s day.
Imagine what you could do with this extra time in your life.
Maybe then you will think twice before hitting send.