Lessons from West Wing for GDPR compliance

What now seems an age ago, there was a TV series called West Wing telling the story of President Bartlett and his White House staff who were capable of wisdom, bravery, some pretty good one-liners and glam frocks, who were on a quest for human aspiration, despite frequently revealing themselves as flawed human beings.

In the episode ‘A Proportional Response’ President Bartlett is battling the desire to order retribution on a vast and violent scale following a Syrian attack on a US helicopter which killed several Americans, including a young, new, father Bartlett had befriended. But, instead, the President is talked down by his Chief of Staff, Leo McGarry, to taking a response that is proportional to the situation, rather than smiting the earth in fury.

A response in Leo’s words, ‘It’s proportional, it’s reasonable, it’s responsible, it’s merciful.’

And so what is the relevance of a ‘proportional response’ to GDPR compliance? To align with GDPR an organisation needs to strike the right balance between over-reacting and, yet, still addressing what needs to change.

After all the pre-25 May GDPR hype and headlines, and the deluge of consent emails flooding our inboxes, followed by…well…not a lot, really. It almost feels like we are still waiting for ‘it’ to happen. Or that ‘it’ will never happen. That it was all just hype; yet another Y2K fizzer.

The very tempting ‘proportional response’ to this is to do exactly nothing. To pat ourselves on the back that we weren’t taken in by all the dark threats and headlines, and to go on our merry way, scattering personal data about like confetti at a wedding.

But don’t be fooled.

The ICO has been busy. The penalties to date are mostly still under the previous legislation. The investigative process takes time – and it’s only been five months.

Whatever ICO decisions are downstream, what matters for organisations about data protection is what has always mattered. It’s an opportunity to do business better by aligning with the new regulations. That’s what a ‘proportional response’ is; one that makes sound business sense in the long term. It’s not just about fearing the goblins that live in dark data, or of the avenging angels.

Taking a ‘proportional response’ to your data protection is about gaining positive outcomes along the way to compliance. Organisations will eventually save money they didn’t even realise they were wasting. They will gain insight from joining up data that they never knew they had. And should the worst case happen, they will be in the most resilient position possible to be able to handle such an event.

A proportional response requires you to understand what your risk profile is in terms of the personal data you control and process. You need to know what personal data you have, where it is and what could possibly go wrong? What data and systems should you be focusing your effort on?

Once you have that knowledge, you can make it difficult for your employees to do the wrong thing and easy for them to do the right thing, because the systems in place support that outcome. You can take every reasonable measure to protect what needs to be protected, from deliberate attack and from somebody just doing something dumb.

‘It’s proportional, it’s reasonable, it’s responsible, it’s merciful.’ To your organisation, to your bottom line, and to the data subjects who are your customers and your employees.

Metataxis donates funding for CityLIS

Metaxis presentation 1Metataxis has donated funding for CityLIS students to attend conferences.

The press release states.

“The Department of Library & Information Science (CityLIS) at City, University of London continues its strong links with the commercial world. Metataxis, a leading taxonomy and information management consultancy, has made a generous donation to CityLIS. The funding will support our MA/MSc students in attending conferences, workshops and seminars of direct relevance to their careers. Many of the CityLIS students are embarking on a career in library and information work or are early career professionals who will benefit enormously from this opportunity. This builds on a strong relationship that Metataxis already has with CityLIS. Directors Judi Vernau and Noeleen Schenk have both been guest lecturers sharing their expertise in taxonomies and knowledge management with CityLIS students. This real-word experience is one of the most valued aspects of the CityLIS course.”

The full details can be found on the City, University of London website here.

See www.city.ac.uk/department-library-information-science for more information.

Metataxis now on G-Cloud 10 framework

Metataxis are pleased to announce that public sector organisations can again access our services through the latest G-Cloud 10 framework.

Cloud services, such as O365/SharePoint Online, require careful planning, design and governance to be successful; however all too often this is just seen from a technical perspective rather than one based on the information and the user.

Metataxis can help organisations meet these information management and information architecture challenges that make the difference in being able to support long term adoption and deliver real value.

Metataxis offer a number of services on the G-Cloud:
Information Architecture
Information Management
Information Discovery
Content Migration
Training

If you would like any further information then please contact us.

Join us at IRMS Conference in May

IRMS Conference 20 May – 22 May, The Hilton Brighton Metropole
Join Metataxis at IRMS this year where Marc Stephenson will be speaking on Blockchain, and Alex Church and Leigh Hanton will be presenting a case study of how unstructured information has been wrangled to alignment with GDPR.

AIIM GDPR Virtual Event

Metataxis are presenting a session at the AIIM GDPR Virtual Event.

The webinar will be jointly run by Marc Stephenson (Metataxis) and Patrick Cardiello (Active Navigation). The session has the acrostic title (we couldn’t help ourselves!) “Get Doing Privacy Right now!”, and details a case study in implementing GDPR for a global services organisation Metataxis is currently working with.

The aim of the webinar is to describe some real-world practical steps, especially around tools, for achieving GDPR compliance. The main tool we’ve been using for this client is the analysis and discovery tool from Active Navigation. This tool has been very effective at understanding the client’s information estate, which has made possible many GDPR tasks that couldn’t have been achieved without it.

See the Metataxis GDPR offering for more detail.