The GDPR – an opportunity to change the conversation

Holly Bremner,
Head of Dissemination,
Centre of Excellence for Information Sharing

Last week, I spoke at the Granicus conference with my colleague Imogen Heywood, and David Teague from the Information Commissioner’s Office, about the General Data Protection Regulation (GDPR), which is coming into force on 25^th May.

The conference was attended by public sector communicators of varying levels, and covered a variety of subjects, ranging from how to survive when your budget falls, through to how to improve your citizen engagement.

Now, I am a communicator, not an information governance professional (hence why I had Imogen and David on hand to handle the technical bits!). When I read a tweet from one of the attendees which said, “no offence to the speakers, but I am going to find it hard to stay awake for this one,” I had to laugh. You see, I suppose when I was a junior communicator that would have been my reaction to sitting through a one hour talk about policy change, possibly worse.

But, having spent almost a decade and a half in the communications industry working for a wide range of charities and public sector bodies, I have learned to value the opportunities legislative change brings for organisations to re-engage with their stakeholders and position themselves appropriately.

And the GDPR is no different. Communicators are processors of people’s personal data, so they will need to know what the legislation will mean for them. But, it also provides some tremendous opportunities for communicators to build trust with their citizens, and have a different conversation about how their services are developed. They can position themselves well within their organisations, as the people who bring different departments together to make sustainable reform a reality. Which is exactly what I spoke about at the conference.

Sounds too good to be true, doesn’t it? Let me explain…

There is a lot of fear surrounding the implementation of the GDPR, particularly amongst communicators.

Prior to the conference, we conducted a survey of public sector communicators through Granicus’ networks. There is significant concern about what the GDPR means for the existing data that organisations hold, with questions like “will we have to throw all our data away and start again?” popping up regularly. We understand where this worry comes from, particularly as there is an increased onus on knowing and documenting where data originates from, and ensuring it is being used for what it was originally intended for. However, this is a real opportunity for communicators to use the new legislation as a chance to spring clean their data and ask themselves the honest question: “do we really know how we got this and are we actually engaging with the right audiences for our communications?”

Creating a conversation with citizens also provides further opportunities to rebuild trust and have a wider discussion about the future provision and design of services – positioning the communications team as an essential function in service reform and trust building.

Trust in public sector organisations is at an all-time low.  Yet, public sector bodies have, for the most part, been handling their citizens data well for almost 20 years. To combat the negative publicity that will inevitably be surrounding the new regulation as we head towards May, public sector bodies have the chance to showcase all the good ways in which they have managed and utilised their citizen’s data. If this is done as part of a wider conversation around the design and development of local service provision, that conversation has the chance to reduce anxieties, and build the trust to co-design services with citizens, putting their needs at the centre. A win-win for all.

So, my advice is, don’t fear the GDPR. Make friends with your information governance lead to really understand what it means for you and your organisation. Read the myth busting blogs and get to grips with the 12-step guide to the GDPR from the Information Commissioner’s Office to alleviate your own fears. And, familiarise yourself with the future guidance from the Chartered Institute of Public Relations (CIPR). Then develop a killer communications programme that harnesses the unprecedented media attention the use of people’s personal data will attract, to start a conversation locally that will make a real difference to how future services are provided and used by your citizens.

And, if you want a sounding board about your approach, the Centre of Excellence for Information Sharing is here, and I am always happy to chat through any comms related problems.