In a few weeks, businesses across the EU face the biggest change to data protection laws we’ve seen in recent memory. GDPR has sent waves through the UK business market, with the changes affecting every business alike. And at the core of that is data. It has been well-documented that big data is revolutionising the way manufacturing companies get work done. Customer Relationship Management (CRM), Business Intelligence (BI) and Supply Chain Management (SCM) tools are creating more valuable insights, and the latest research from the European Political Strategy Centre believes that EU manufacturers could boost EU economic growth by an additional 1.9% by 2020 through even just a limited use of big data analytics. So how will GDPR impact the manufacturing industry and its reliance on data?
More Data, More Problems
Data has been a key part of the manufacturing industry for many years. In fact, in 2014 McKinsey published a report detailing how Big Data was improving manufacturing across the board, but for pharmaceuticals, chemicals and mining organisations in particular. Managers in this sector have been using data for years to deep dive into their processes and identify patterns in the data that help improve products and reduce cost. And while the normal business of a manufacturer may not revolve around personal data, manufacturing organisations do hold an abundance of operational and shop floor data that is tracked by advanced analytics. And all of that data is subject to the rules of GDPR.
How Will GDPR Apply To Manufacturing Companies?
So, how will GDPR apply to the manufacturing industry? Well, there will be 3 key changes to bear in mind:
Processing Data: GDPR essentially widens the reach of our existing data protection laws. This means that manufacturing businesses will find new areas of their business impacted by data protection. For all manufacturing businesses, regardless of their global base, this means that any personal data they hold – from contact details to bank account information and national insurance numbers of customers, suppliers, sub-contractors and employees all need to be secured properly.
Obtaining Consent: Under GDPR, any procurement of personal data must be clearly documented, with proof of affirmative consent. This means that a pre-defined tick box, or an ‘opt-out’ model will no longer suffice. Manufacturers now need to rely on consent to process any data, even something as simple as an employee’s contact details. They will also need to consider how that consent is obtained and proven under audit, and give everyone an option to decline to provide consent in an obvious way.
The Right To Be Forgotten: Along with the increased need for consent, GDPR brings in the ‘right to be forgotten’. This means that an individual can, at any time, request to see the data your business holds on them, and ask for it to be destroyed. This means that manufacturing companies (who typically hold very large amounts of data) will need to know exactly where all of this data is so that they can effectively produce it and delete it is required.
What Can You Do To Prepare?
For manufacturing businesses, there is a lot of groundwork to do to prepare for GDPR. To begin with, Privacy Impact Statements (also known as PIA’s) and data audits should be carried out to identify what data you hold and where. From there, you should look at condensing your data into a single system that can be tagged, organised and audited easily.
At Tipac, we provide comprehensive content management solutions to help manufacturing businesses become GDPR compliant. With our help, you will be able to manage your data more efficiently, with a complete audit trail to document consent and information requests. Internal tagging means that you can easily identify what personal data you hold on whom, making it simple to comply with deletion requests. If you would like to find out more about how we can help you become GDPR complaint, get in touch with us today.