The three roles of a communicator in preparing for the GDPR


The role of communicators and GDPR preparations

At the 2017 Granicus Public Sector Communications Conference in London, an expert panel addressed the myths associated with the General Data Protection Regulation (GDPR) and how communications leaders in the public sector can work to better inform internal staff, stakeholders and the public on what the changes mean for them. You can watch the the talk here.

Holly Bremner from the Centre of Excellence for Information Sharing highlighted the two key components to building an effective communications strategy that supports your organisation’s preparation for the introduction of the GDPR (25 May 2018):

  • Internal comms: No matter your organisation, test the temperature of how team members are feeling about the GDPR. This can present a good opportunity to alleviate fears and over-communicate about steps your organisation is taking to address the changes. This is also a good opportunity to provide support options if people need them.
  • External comms: Connect with the public on what your organisation is doing now to prepare for the GDPR, and change the conversation to your advantage. Myth-busting now is much more proactive than in May next year, and it will build trust with the public ahead of time. Communicate your organisation’s commitment to keeping their data safe and reassure people you’re on their side.

The GDPR is a key policy change that will impact many organisations across Europe. It’s important to bring the public with you on the journey to compliance, and the panel speakers at the conference emphasised that communicators are the glue that connects legislation with the people whom it impacts. It is therefore crucial that you plan, execute and follow up with the public accordingly.

Three things comms teams can do to prepare for the GDPR

According to Imogen Heywood (Engagement Manager) at the Centre of Excellence for Information Sharing, communicators have three primary roles to play in GDPR preparations:

1. Get your house in order

In other words, now is the time for communicators to audit their own operations, the data they hold and for what purpose, and ensure they are compliant for May 2018. The GDPR uses much of the Data Protection Act (DPA) as a base and simply builds on it. So if you already have a robust system in place for sharing information and managing data, you may not need to do anything drastically different from what you’re doing now. Now is also the time to plan ahead and shape the message comms teams should be involved in communicating before, during and after GDPR comes into effect in 2018.

In summary, use the time now to:

  • Double-check what processes you already have in place and look at whether you need to update any of them.
  • Check if your B2B and B2C marketing and comms practices are up to the slightly enhanced requirements of the GDPR (more on this here[2] ).

2. Help reduce fear

The media hype around huge fines for non-compliance of the GDPR may create barriers to information sharing. Fear is never a good starting point for change, particularly since it can mean people bury their heads in the sand and relationships are damaged between partners and the public.

Communicators have an important part to play in reducing fear from within public sector organisations and externally with the public. If communicators focus more on connecting with the public on the “why” behind the GDPR, it can help reduce the myths, fear, anxiety and misconceptions around the regulation, and build trust in your organisation.

In summary, use the time now to:

  • Carry out some internal staff engagement to find out how much those in your organisation know about the GDPR.
  • Carry out an internal campaign to address concerns and support your organisation-wide GDPR preparations (because the GDPR does apply to all teams everywhere).

3. Change the conversation

There is a spotlight on the digital economy and comms with the passing of the GDPR, and now is the time to engage the public and speak with them about the legislation that’s designed to give them more control and say about how their data is used.

For example, now could be the time to check and ask the public about what information they want to receive on services provided by the public sector. GDPR initiates the conversation, but it’s up to the public sector to take advantage of the open door. You can help facilitate that dialogue and build trust with audiences.

In summary, use the time now to:

  • Proactively engage your audiences in a wider conversation, designed to build trust and explore the benefits of sharing their information with you - a short example of how sharing information has helped others could help you demonstrate this.
  • Use the conversation to say how you already manage service users’ data in line with their preferences - so they understand they are already benefiting from your services and this is an enhancement.

More handy GDPR resources

Posted on 8th January 2018