GDPR Action Plan: How Comms Teams Should Prepare

Transcription

1 GDPR Action Plan: How Comms Teams Should Prepare 15 February 2018 Delivered in collaboration #Granicus18

2 This webinar is for general informational purposes only and does not constitute legal analysis or advice. Please consult a lawyer to find out more about your specific obligations under the General Data Protection Regulation.

3 Technology for the people who are changing our world

4 Solutions to help you develop happier, healthier and safer communities GovDelivery Communications Suite REACH GovDelivery Network Communications Cloud Professional Package for Communications Cloud Connect Targeted Messaging Service Interactive Text Enhanced Security Digital Engagement Services ENGAGE CONVERT

5 Speakers SIMON JONES VICTORIA FORD LORNA PERRY Chair of LGcommunications Director Perago-Wales Client Success Consultant Granicus

6 Speakers DAVE WORSELL GLEN OCSKO Managing Director (Europe) Granicus Account Executive Granicus

7 GDPR recap Mandatory new law from 25 May 2018 The first comprehensive overhaul of EU data protection rules in 20 years Applies to data controllers and processors Non-compliance risks financial penalties and legal action (for officers and organisations) All staff must be trained to ensure all business practices are GDPR-compliant

8 GDPR recap GDPR obligations Broadened definition of personal data Set of core privacy principles (e.g. lawful processing, transparency, purpose limitation, data minimisation and data retention) Increased record keeping and accountability Stricter security and breach reporting Stricter contractual terms between controllers and processors Privacy must be by design Requires appointment of Data Protection Officer for certain organisations International transfer rules remain in effect as per previous regime Strengthened data subject rights

9 What does this mean for public sector communications?

10 An important milestone GDPR and the opportunities for public sector communications DAVE WORSELL SIMON JONES Chair of LGcommunications

11 The context for local government comms

12 The big question Is the GDPR the biggest threat to local government communications or is it the biggest opportunity? Communications has a major role to play in the GDPR because, fundamentally, it is about the interface between council and our communities.

13 Get to know your audience Use this as an opportunity to get better at segmenting our audiences around who they are and what they are interested in and what is relevant.

14 We have to be bold, we have to be confident Permission-based campaigns should be less about who wants to hear from their council and more about who wants to be connected to their community. Do parents want to know about school admissions? Do people want to know about bin collection changes? Do people want to have a say in what is happening around them?

15 Top tips for campaigns SHOW THE VALUE OF INFORMATION 04 DON T APPLY PRESSURE 02 IT S ABOUT COMMUNITY, NOT COUNCIL 05 SEGMENT: YES, NO AND DON'T KNOWS 03 GIVE PEOPLE THE CHOICE 06 DELIVER A SUSTAINED CAMPAIGN

16 Preparation steps for communications teams Approaching GDPR and a culture of compliance DAVE WORSELL VICTORIA FORD Director Perago-Wales

17 Approaching GDPR and a culture of compliance

18 1. Awareness 2. Information you hold 3. Lawful basis for processing 4. Gap analysis 6 steps to getting started 5. The individual rights test 6. Third party data sharing PERAGO-

19 Awareness PERAGO-

20 Information you hold s What? Where? Why? Who? Who? PERAGO-

21 Lawful basis for processing Legitimate interest Legal obligation Public task Lawful basis Contracts Vital interest Consent PERAGO-

22 Gap analysis Current Position Action Plans Target Compliance PERAGO-

23 The individual rights test PERAGO-

24 Third party data sharing PERAGO-

25 Think people not process PERAGO-

26 It s terrifying But that will stop us doing our job We need to collect the data as we might need it at some point What is your organisation saying? I don t use any personal data PERAGO-

27 Thinking in phases: 1. Awareness 2. Tailoring 3. Reinforcement PERAGO-

28 Find ways to simplify the language and make it real for your teams. PERAGO-

29 PERAGO-

30 Tailoring PERAGO-

31 PERAGO- Making it real

32 Finding opportunities PERAGO-

33 Reinforcement PERAGO-

34 25 May 2018 is just the beginning PERAGO-

35 Positive reinforcemen t PERAGO-

36 I can see an opportunity for us to rethink What if we did it differently? It s our job to look after the data that s on loan to us Changing the conversations I m not sure we actually need that data to provide our services PERAGO-

37 Remember: - Transparency and accountability - Privacy by design - Putting the rights at the heart of your organisation PERAGO-

38 Preparation steps for communications teams How to ensure your marketing complies with the law DAVE WORSELL DAVE WORSELL Managing Director (Europe) Granicus

39 How to manage new subscribers Steps you must take to ensure your communications comply with the law.

40 Get permission.

41 Make sure your privacy policy is up to date.

42 Is that really you?

43 Only collect what is necessary.

44 Only communicate what is necessary.

45 Make getting out easy.

46 No need to hit the fire alarm.

47 Collect the evidence.

48 Don t hold for longer than necessary.

49 You are running out of time to get your marketing account in order. You MUST tend to ambiguous consent and unengaged subscribers now. We can help you.

50 Action plan for communications teams How to ensure your current subscriber base meets the requirements DAVE WORSELL LORNA PERRY Client Success Consultant Granicus

51 How to manage existing subscribers Getting consent from your existing subscribers that meets GDPR standards.

52 Your current subscriber base may jeopardise your compliance You must have proof of every subscriber s consent to receive specific communications. At-risk groups: - Uploaded subscribers - Unengaged subscribers - Zero-topic subscribers

53 Don t delete, just ask.

54 Identify your audience - Uploads - Unengaged - Zero-topic You must take action now Re-engage these groups (otherwise you must remove them last resort)

55 Process for securing the consent you need You need to be here You are here Recipient confirms Clean mailing list of opt-ins Mailing list in need of health check (uploads, ambiguous consent & unengaged subscribers) Reengagement /s requesting confirmation of consent No response Delete from mailing list

56 Get creative with a re-engagement campaign Research online for re-engagement ideas.

57 Adapt for mobile Ensure your templates are responsive and easy to navigate on a range of devices.

58 Be clear and direct Give clear opt-in choices using call-to-action buttons, and opt-out options (using an unsubscribe link). You should already have this in your standard footer where everyone expects it to be so no extra work will be required.

59 Highlight what they d be missing Remind people why they subscribed and what s on offer.

60 Make your subject line count design starts in the inbox. Keep it short for mobile users Frontload with key words Use personalisation to make them feel special Don t make false promises Be clear and concise Create a sense of urgency Avoid overuse of capitals and!s A/B test for most effective message

61 Don t spray and pray Segment your audience Give people multiple opportunities to give consent Deliver a series of re-engagement s Add call-to-action to confirm opt-in in all relevant s Be timely and careful not to overload people Measure success and refine each send.

62 Put a time limit on it Tell subscribers the deadline Deliver that final Provide alternative points for connection

63 Get help to become GDPR-compliant today Reasons to let Granicus manage your re-engagement campaigns GAIN PEACE OF MIND Our digital engagement experts will re-engage sleepy subscribers and secure the consent you need to comply with the law. SAVE TIME AND ENERGY We ll plan, produce and deliver segmented re-engagement campaigns for you. LEARN MARKETING BEST PRACTICES You ll receive a training session to help you maximise your use of the Advanced Package for Communications Cloud and achieve better outcomes across all your campaigns.

64 Register for our 22 March event Digital Engagement Day 22 March M Shed, Bristol 10.30am 4pm FREE Speakers : - Sally Northeast (Dorset Healthcare University NHS Foundation Trust) - Gareth Phillips and Neil Jones (Torfaen County Borough Council) - John Porter and Aaron Barnes (Gloucestershire County Council) - Helen Bramah and Joanna van der Veen (Bristol City Council) - Victoria Ford (Perago-Wales) - Darren Caveney (comms2point0) - Dave Worsell and Lorna Perry (Granicus) go.granicus.com/bristol

65 Thanks for listening Check out the resources on your console and uk.granicus.com for more. Got questions? Ask questions using the Q&A box. If we run out of time, we ll you a response. uk.granicus.com