The mental health conversation has come to the forefront, and it’s about time! We discuss how the Facilities Management Industry can tackle issues of mental health in the workplace. 

Every year, approximately one in four people in the United Kingdom will experience a mental health problem. Roughly, 13,000,000 adults will suffer – often in silence –  afraid of the stigma that is attached to this complex issue. While still a taboo inducing topic, it is becoming more openly discussed, and recent research has revealed the depths of how poor mental health is affecting the facilities management industry today.

According to figures, 64 per cent of construction workers have claimed they want better physical and mental wellbeing support from their employers and nearly 400,000 worker-days are lost every year due to poor mental health. Research has also uncovered that male site workers in construction are three times more likely to die by suicide than the average UK man.

There is an evident lack of support for workers in the facilities management industry which is affecting not only their wellbeing but also productivity and effectiveness. Most businesses spend a sizeable amount of budget, time and effort guaranteeing the satisfaction of customers, so why wouldn’t they afford the same consideration to employees?

Guaranteeing employees are satisfied assures a longer tenure and fewer resources invested in recruiting. With the increase of mental health officers being appointed in the construction industry, it is essential to understand that employee wellness goes beyond typical health benefits. Companies must go all-in and foster a work environment committed to long-term employee wellbeing, making it easier to attract better workers, increase employee retention and nurture company loyalty.

However, despite mental health becoming an increasingly discussed topic, it is still one that proves challenging to tackle. 31 per cent of building engineering firms find on-site mental health issues “hard to manage” while CIPD research data indicates that the number of people saying they have experienced mental health issues while in employment has increased from a quarter to a third from 2011 to 2016.

The industry would greatly benefit from more transparency and an open channel of communication. A common source of angst for workers today is feeling like they cannot achieve a satisfactory work-life balance.

Mobility has the incredible potential to encourage a more direct level of communication and a more flexible workspace. When workers are not restricted to a physical space, and technology is used to streamline what used to be a long, chaotic process, it becomes a lot easier to achieve the work-life balance that many desire.

Job management apps can support workers’ wellbeing by improving efficiency and reducing stress. With apps that are location tracked it is possible for employers to monitor team members and identify any unusual behaviour, helping keep everyone safe. In addition, it is possible to follow when workers are being more efficient and based on that information, create a more time-effective scheme.

It is also critical, however, that employers support clear “off” times where employees can unplug and recentre, which can be achieved by encouraging small pauses during work hours. These could be in the form of lunch breaks, “brain breaks” but also equally important, taking time off work – and remaining genuinely disconnected. Incorporating relaxation into the daily routine as opposed to promoting it as a reward is key.

While mobility supports a flexible workspace, employees can feel more inclined to keep working at all times and in all places. The capacity of working from a mobile device creates an environment where workers are expected to respond to emails and resolve issues during non-work hours, leading to unhealthy expectations and a veiled obligation of always being available.

Other actions that can be taken to guarantee a happier, more motivated workforce include providing workplace therapy, creating “safe spaces” and making sure HR is working for the best interest of the workers. Emma Dallimore, facilities manager at Hull and East Yorkshire Min, has invested in a quiet area room which staff can use for up to half an hour to sit and think, catch up on emails or make a call.

Modern technology – when used with discernment – can allow workers to do less without affecting the quality of the outcome. Communication tools, such as real-time job management applications, automate processes so employers can spend more time and energy focused on the more human-related aspects of the job. As a result, workers will experience better mental clarity, and fewer instances of stress, anxiety and depression.

Leave your email below to stay up to date with our latest tips, tricks and trends on all things business?

In early April 2018 UK based companies with 250 employees or more were required to submit their Gender Pay gap reports. This new governmental regulation aims to reduce inequality in the workplace and improve overall attitudes to transparency surrounding salaries and pay.

In early April 2018 UK based companies with 250 employees or more were required to submit their Gender Pay gap reports. Over 10,000 businesses have now submitted their information, many of which were submitted in the last week before the deadline. The reports reveal how many companies have a gender pay gap and to what degree. This new governmental regulation aims to reduce inequality in the workplace and improve overall attitudes to transparency surrounding salaries and pay.
One of the most reported figures was the ‘median pay gap’ in companies. The median pay gap compares salaries of the middle earning woman and man. This represents arguably one of the fairest ways to look at pay gaps, because it is not an average – simply a comparison. However, all the data has flaws and some companies have debated whether hourly pay would be a fairer way to examine salaries.

Gender Pay Gap Revealed

From all the data submitted, the two sectors with the highest pay gap are construction and finance. With just 44 of 743 firms in these two sectors reported to have paid women more than they paid men. What this shows us is that there are substantially more men clustered at the top rungs of these companies receiving higher pay. Women seem to occupy a large amount of the lower percentiles of earning in construction companies, whilst men take the higher earning positions. It is this trend that we need to question and change.
Construction is one of the worst ranking sectors, with women paid on average 38% less than men. It is important to note here that this is not women being paid less than men for the same work. The equal pay act was passed in 1970, but this data shows that there is still a clear divide. The country-wide average figure for the gap is 19%, meaning that construction is nearly double the UK-wide average.
So how will reporting these, frankly dire, figures make steps to improve the situation? The aim of the initiative is to encourage change by shedding light on these statistics. For many companies this may make executives and employers take a step back and look at how balanced their workplace is, particularly in roles with higher salaries. They may want to examine their workplace culture and how they could encourage women to work towards roles higher up in their companies.

A Catalyst For Change

The pay gap is not simply about employing more women in the workplace. The pay gap reporting should be the catalyst for change in businesses across the UK. Changing attitudes is one step towards solving the issues surrounding gender equality. Gender role expectations have come a long way since the Nuclear Family of the 1950’s. But, we must also examine our expectations and understandings of gender in the workplace. Women’s role in society has changed drastically over the last few decades and workplaces must change to reflect this.
Looking back on the history of the construction industry, it has long been a field dominated by men. However, we are in a time of change and bringing more women into the construction sector leads to new ideas and new approaches in a time when the sector desperately needs to embrace a new way of thinking.

How Can the Construction Industry Be More Inclusive?

Solutions:

• Expectations are arguably what needs to change the most in the environment of construction. We have lived for decades in a society that expected employees to be at their workplace from 9-5 daily (or longer) and this is only something that is recently starting to change with a more decentralised and diverse workforce.

• Flexible working is a great way to work with more female employees who do undertake childcare or other caretaking duties. This also allows fathers to split childcare with their partners; so it benefits everyone involved in a company with children. Working remotely is a great solution to employees who cannot be at their desk or on site all the hours that the job demands but, can easily work from home or elsewhere.

• Embracing new technology can not only help you to better accommodate staff and improve diversity, but also to improve collaborative work practises and increase efficiency.

Moving forward

Combatting the gender pay gap in the construction industry will involve many small steps to eventually achieve a bigger change. Altering workplace expectations is one of the major ways to make a positive change in your work environment. But much beyond this, it is about a broader understanding and questioning of the issues surrounding the gender pay gap. Why haven’t women been included and embraced to work in the construction sector? And what are the ways that this field should change to accommodate them?
Technology can offer some great solutions and this is another way to move your business forward against competitors, whilst embracing new ways of working. Create a workplace with a forward thinking approach and your employees will also adopt this – becoming forerunners of their field.  

 

Leave your email below to stay up to date with our latest tips, tricks and trends on all things business?

First Name:

 

Last Name: *

 

Email:

 

Submit

 

Collaboration forms the building blocks of business, but most companies can admit that they sometimes struggle when it comes to communication with both employees, customers and subcontractors.

Each business will have their own way of managing operatives – whether it be traditional paperwork systems, digitised management or a combination. But when it comes to liaising with clients and subcontractors, communication is broken further still. One piece of information may come in through an email, one via whatsapp and another – perhaps the worst of all – scribbled on a piece of paper.

Information is spread across many disparate sources in the workplace; the result being that communication is a clunky and laborious process for everyone. This is a massive issue for the Trades sector in particular as work is often subcontracted out to other companies. And if communication between all these entities is inefficient, then it stands to reason that the industry is suffering.

But there is a better way to team up with other companies whilst maintaining control of your work and providing the best levels of customer service. So, how can you maintain quality, improve your company’s relationships and build your network?

Case Study: DMS Ashbourne and How They Use Okappy

DMS Ashbourne, a drainage, light plumbing and maintenance company, use Okappy – a new communications and collaborations platform to manage their day-to-day work. Okappy is based on the Market Network model; combining the benefits of a social network and a marketplace. Before using Okappy, DMS managed their jobs using a multitude of different communications tools, which they found to be chaotic and inefficient. With Okappy they can issue jobs to their remote workers from the office. Everyone knows where they are and what they’re doing – making things a lot easier.

Using Okappy to Collaborate With Subcontractors and Industry Stakeholders

Information is disseminated in real-time to all stakeholders. Their clients can receive information immediately, instead of waiting for emails to come through days later. Convert Water and Crystal DMS are two subcontractors of DMS Ashbourne who are also connected via the Okappy platform. Having one system that works for external and internal communications has transformed how they work together.

“I notice a big difference with the quality of the jobs we perform with subbies who are on the system compared to the jobs done by subbies who aren’t on Okappy. Everything is a lot more seamless and we feel the work we deliver is to a higher quality.” – Calum Hoad, Operations Manager.

When DMS Ashbourne work with subcontractors using Okappy, they can instantly upload a job for them and get notified once the job is on their calendar. Not only this, they can see when the subcontractor is on site and the work has been completed. Reports, emails and other documents can also be sent through the platform. This reduces the back and forth, and ensures the subcontractor can clarify information there and then, as opposed to waiting for emails to be read or job sheets to be returned.

“Okappy has helped us consolidate our relationships with our customers and subcontractors. It is really helping us grow our business and offer the best experience to our customers.” – Kelvin Hoad, Director of DMS Ashbourne.

Other Benefits:

Since transferring their communications and job management over to Okappy, DMS Ashbourne quickly noticed that they had more time on their hands to develop other areas of their business. It has saved at least 1 ½ hours per day of paperwork for each engineer.

“Invoices now go out within minutes, whereas in the past it could take weeks in some cases. Okappy is quick, it’s painless and you can see what everyone is doing. Before, I had to ring people to find out every little detail, but now it’s instant – I’ve got the job sheet the minute the job is finished. I used to struggle to get everything done, but now it’s so easy and I’m out the door when I should be. We receive better descriptions of the job with the smartphone app. You can add photos and people can type faster than they can write these days anyways.” – Jane, Office Manager at DMS.

Sorting out the job sheets and invoices has gone from taking up to a day a week to an hour a week. This has allowed them to deliver jobs to a professional standard at every level and spend time securing more work.

“The system has paid for itself and provided us with more capacity to grow as a business. The quality of what’s going out has improved massively. Customers can see things more clearly and in better detail, especially with the feature of sending photos. Our clients are happier than ever and we’ve received no bad feedback from it – nothing.” – Kelvin Hoad, Director of DMS Ashbourne.

Leave your email below to stay up to date with our latest tips, tricks and trends on all things business:

First Name:

 

Last Name: *

 

Email:

 

Submit

 

Market Networks could kickstart a fundamental transformation in the way job management is delivered by business. People are becoming more connected and this is opening up opportunities to better manage day-to-day work. 

From Piles of Paper to Market Networks

The World Economic Forum says we’re on the cusp of the Fourth Industrial Revolution (or Industry 4.0). Self-driving cars and Artificial Intelligence are no longer just sci-fi fantasies. As our world and the workforce continue to rapidly evolve, it’s clear that we all need to be using efficient job management systems if we’re going to keep up with any of these changes.

Job management can often be a headache. Traditionally it involved endless amounts of paperwork and spending hours on the phone chasing up clients and engineers. In an increasingly digitised world, and with many HVAC and Facilities Management companies now integrating IoT systems into the workplace, there is no need to continue managing jobs with these old and inefficient processes.

Richard Harris, CEO of Okappy argues that there are three compelling reasons why industries should explore new and emerging digital possibilities for job management: “Traditional job management systems are costly for users; the systems are often very time consuming which means disputes can take a long time to resolve; information provided by paper job sheets can be unintelligible and out of step with modern internet society.”

These days there’s a plethora of digitised systems with varying features on the market that can help companies manage their jobs. However, the problem of duplication still proves problematic when it comes to dealing with subcontractors, as each company will have a different software. Clients have a growing expectation that the services will be delivered not only digitally but in real-time; putting more pressure on companies to further streamline their processes.

Market Networks

While many job management softwares work well within a company, communication difficulties still remain when it comes to a company’s customers and subcontractors. Applying a Market Network model to this problem could be a step in the right direction. Market Networks for job management are attempting to kickstart a more fundamental transformation of the way job management is delivered.

So, what is a Market Network and what does it mean for job management? It is a software-as-a-service tool which allows businesses to create a profile, connect with customers and subcontractors and manage their workflow; not just within their organisation but as they interact with other companies.

Businesses using Market Networks for job management can receive jobs from customers on an online platform as well as add jobs for their employees and subcontractors. Accessible by computer, smartphone and tablet alike, any jobs put through these systems can be viewed and updated in real time, meaning no duplication of information or having to chase up workers for reports. Users can also communicate with each other using the integrated instant-messaging system. Connecting in this way helps to ensure that messages are easily retrievable and not lost between emails, texts and forgotten phone calls.

One feature of particular advantage to those in the trade industries is the ability for workers to upload photos and videos onto these job management systems using their respective smartphone apps. A plumber, for example, could upload an image of a repair they have just made. Workers with the app installed on their phones can also be tracked using GPS so that businesses can quickly see who is at what job at any given time.

In Practise

Market Networks for job management increase visibility whilst streamlining communication both internally and with external stakeholders.
All Seasons Climate Control Ltd now uses Okappy to manage their operatives. Since using the system they are able to access all relevant information and become aware of the job details without chasing up subcontractors or clients by phone or in person.

“All Season’s transformation of the data aspect of the job management system has resulted in a service that is faster, more transparent, and more cost efficient,” says Colin Owen, director of the company.

Anthony, Director of Convert Water has also seen the system reap many benefits for his business. He tells us – “It frees up our time and allows me to spend more of it visiting sites and bringing in more work. My engineers can add jobs for themselves so, if additional work needs to be done while on site, they can quickly add it on. Alternatively, if they need to go back to do further work, they can schedule it straight away without having to chase me.”

What’s The Future For Job Management?

“Working life is changing dramatically, we’re now much more likely to be working in small autonomous teams at different locations rather than working for one large company for life” says Richard, CEO of Okappy. “Software and technology is evolving to copy with these changes. From Social Networks to Market Networks, people and companies are becoming more connected and this is opening up opportunities to better manage day-to-day work.”

Leave your email below to stay up to date with our latest tips, tricks and trends on all things business?

We talk Richard Harris, CEO of Okappy on issues of data protection to find out what his perspective is! Read on for more information about how Okappy protects user data.

First and foremost we want to reassure you that customer privacy and safety is paramount for Okappy. We have a number of procedures in place to ensure the highest level of protection for our customer’s data. With GDPR coming into effect in May 2018, we have taken the opportunity to review our existing measures to ensure they are compliant with the new regulations.

Okappy’s aim has always been to improve working lives for the better. We have a customer-centric ethos to what we do; meaning that our customers are our top priority. We are continually monitoring the Okappy platform both for performance and security. But, given some of the scare stories around GDPR compliance, we thought it would be worthwhile writing a blogpost to provide you with further insight on what we do and the procedures we have in place to protect your data.

How is Customer Data Stored?

• Data is stored on the cloud using the world’s leading cloud provider; Amazon AWS. In the unlikely event that Amazon AWS has a problem, we also have a separate provider which we can fall back to.
• Data can only be accessed by servers within our own private network. Access to these servers is further protected by firewalls which limits access to key members of staff only (our data controllers under the old regulations).
• We use multi-factor authentication and certificates to ensure that the key members of staff can administer the systems.
• Data is encrypted in transit between different parts of the system and between the system and customer.

Who Can Access it?

• Only a limited number of key staff can access the core data (our data controllers).
• Okappy technical support staff can access restricted views of the data in order to provide help and support.
• Customers can only view their data and information provided by their connections.

How is Okappy Protecting Your Data?

• 24/7 monitoring of the system 365 days per year to ensure performance and security.
• We always ensure we have the latest patches for any software and continually monitor for new vulnerabilities.
• We have strong Firewalls in place.
• We encrypt all traffic between each part of the platform and between the platform and outside world.
• Only certain key Okappy members of staff can administer the system.
• We have strong contracts in places with all employees, contractors and third party companies which include clauses to protect data.

What Would Happen if a Breach Were to Occur?

Monitor – We continually monitor for threat of attack, we have a team always on standby to action in the event of an issue. If a breach did occur we would be alerted and our automated and manual breach protection plan would kick in.
Isolate – If required, we would take affected parts of the system offline in order to isolate the breach.
Investigate – We would continue to investigate to identify the root cause of the breach.
Communicate – Keep our customers updated on the situation via our status page and via emails and tweets.
Educate – We would take preventative action and provide extra training where necessary to further strengthen and protect our security to ensure no similar incident could occur again.
Otherwise known as our Okappy MIICE procedure

What Does Okappy Use Data For?

• Running of the Okappy service.
• Providing intelligence to our customers.
• Improving our products and services.
• Marketing.
• Analytics – to improve the experience of our customers.

How is Okappy Taking Steps to Being GDPR Compliant?

We were previously registered with ICO as part of the existing Data Protection Policies. This included a periodic audit of our security and systems. With the changes in regulation which are about to take place, we have reviewed the new regulations along with our existing policies, procedures and technology to ensure we will continue to be compliant.
We have attested to:

• Reviewing our GDPR compliance
• Reviewing our systems security
• Taking a stock of what information is held and where

Do You Have a Cyber Security Policy in Place?

Please see our policy which is available on or website.

Leave your email below to stay up to date with our latest tips, tricks and trends on all things business?

The impending arrival of the EU General Data Protection Regulation is requiring businesses to implement changes. Find out more in our mini blog series, which takes a positive approach to the subject of GDPR whilst making it all a bit more approachable.

You’ve probably heard of thttps://okappyimages.okappy.com/he Facebook data leaks and Cambridge Analytica by now. Trailing this major user data scandal headline, GDPR and ePrivacy will gain more momentum and credibility.

Subsequently to the Facebook incident, concerns have been raised amongst users about what is being done with their data. The uncovering of the Cambridge Analytica story has provided a much needed wake up call to businesses that may have been lulled into complacency and a false sense of security over any vagueness associated with these new regulations, which come into effect in May 2018.

You may have also heard the phrase ‘Data is the New Oil’ – a controversial statement that has been subject to much debate. Although, there are vital differences between the power of tech firms today and the oil barons of a century ago, data is being used to power some of today’s most transformative technologies such as artificial intelligence. In fact, data is influencing how decisions are being made through the power of predictive analytics – and the impact is immense.

On one hand, as a user you are compliant to the terms and conditions you agreed to.  Facebook’s business model is based around individuals engaging on their platform for free.  But, in return the company uses the individuals data, which becomes the commodity. Many insights can be gained from our interactions online, but where do you draw the line? Cambridge Analytica’s breach of user data to influence political marketing campaigns, has had consequences on a global political level –  this is a whole new ballgame.

Facebook: What Went Wrong?

Let’s look at what else went wrong with Facebook….

Revealing sensitive personal information without consent is a complete violation of privacy. Mark Zuckerberg has been highly criticized for his initial silence and his later apology which diverted most of the blame to Cambridge Analytica. So, who should really be held accountable? The fact of the matter is that without data protection and regulation laws firmly in place, the lines are blurred; further pointing towards the positive implications and necessity of GDPR.

The whole #FacebookGate incident has highlighted the need for a professional procedure to be put in place in case of a breach or incident. Branding expert Chris Sojka expressed how Facebook should have responded immediately in the aftermath with “switched gears to radical transparency, [launching] a public service advocacy campaign educating users on the ways in which people might phish for their information and setting up an easily accessible apparatus to combat abuse of their platform.”

How Does GDPR Come Into it?

As a user, are you really compliant if the terms and conditions you agreed to are incomprehensible and 57 pages long? This is where GDPR is important. In the new regulations business MUST break down their terms and conditions into an easily digestible format.

GDPR will also mean that companies will have to respond within an appropriate time frame. When it comes to reporting a breach, notification is to be mandatory within 72 hours in all member states.

GDPR means more accountability and it is good practise to brief all departments of your company on the changes required. The communications and PR teams will be the ones releasing statements, customer service reps and community managers will be reassuring customers and answering questions following a breach –  it is not a matter just for the IT department.

A More Hopeful Future With GDPR

Although GDPR may initially seem like a long and boring topic, it points towards a more secure and hopeful future with a culture of privacy and consent becoming the norm. GDPR will bring back clarity to the identity conversation.  A whole new era of data regulation is likely on it’s way.

Read the Okappy series on GDPR which takes you from getting ready for GDPR right through to reporting data breaches. Make sure you reference reliable sources when seeking out facts surrounding GDPR in particular the Information Commissioner’s Office has more relevant information about GDPR.

Leave your email below to stay up to date with our latest tips, tricks and trends on all things business?

The impending arrival of the EU General Data Protection Regulation is requiring businesses to implement changes. Find out more in our mini blog series, which takes a positive approach to the subject of GDPR whilst making it all a bit more approachable.

Although we have already addressed some GDPR issues, the information surrounding General Data Protection Regulation can seem overwhelming and these new regulations become enforceable from the 25th May. There is a minefield of information out there, but what should you believe and how can you work out what is relevant to you? We’ve gathered some of the GDPR myths and facts… but can you guess which ones are true and what’s false? Find out below….

FALSE!
There has been many rumors of a grace period after the 25th of May, but this is simply not true. There has been two years of preparation and transition period for GDPR. Steve Woods the Information Commissioner’s Office Head of International Strategy & Intelligence has made it clear there will be no grace period; stating “You will not hear talk of grace periods from people at the ICO. That’s not part of our regulatory strategy.” The focus is instead on transparency, control and accountability.

TRUE!
However, although these figures may seem daunting, it is worth remembering that of the companies that make breaches of GDPR only a very small amount will actually result in fines. These changes in regulation are not about fines but about data regulation and ensuring companies take a responsible attitude to the data they hold. So although as a business you must be wary, if you have adequate systems, procedures and policies in place then you shouldn’t have to worry.

FALSE!
Many a rumor has been circulating that GDPR could spur a Millenium bug type situation, when major problems were anticipated with post 2000 data storing due to new governmental regulation. This is a myth – yes, there is much work and preparation to be GDPR compliant, but the changes in regulation cannot be the catalyst of what was feared in the approach to the Millenium – i.e complete digital shutdown. GDPR is an ongoing and evolutionary process which will see many changes over the weeks and months to come.

FALSE!
GDPR will affect not only companies located within the EU, but will also apply to companies that offer goods, services to or monitor the behaviour of EU data subjects. In light of an uncertain Brexit future, what happens in the case of a company’s activities being 100% limited to the UK?
It is very likely that the UK government will implement legislation that will largely follow the GDPR, taking into consideration the support given to the GDPR by the ICO and UK Gov as an effective privacy standard. GDPR will also act as a baseline by which UK businesses will be able to seek continued access to the EU digital market. Therefore it is highly recommended that companies go ahead with making preparations for the changes regardless of what happens with Brexit.

TRUE!
The ICO is the UK’s independent body set up to uphold information rights. It was founded in 1984 and so data protection regulations have been around for a while. Companies should already have good practices in place to protect data. GDPR should be viewed as a statutory measure to continue good data protection practises already in place within organisations.

The most important thing is to be clear and speak to your IT teams to make sure they are ready for GDPR. But, not only this, make sure that your full team is briefed on GDPR, many data breaches are the result of human error. Read the Okappy series on GDPR which takes you from getting ready for GDPR right through to reporting data breaches. Make sure you reference reliable sources when seeking out facts surrounding GDPR in particular the Information Commissioner’s Office has more relevant information about GDPR.

Leave your email below to stay up to date with our latest tips, tricks and trends on all things business?

The impending arrival of the EU General Data Protection Regulation is requiring businesses to implement changes. Find out more in our mini blog series exploring. See easy posts here.

Businesses can go to great lengths in ensuring that any personal data they control or process is sufficiently protected, but hackers can always be relied upon to find new and unexpected ways to retrieve any data they desire. Whether or not data controllers or processors are themselves to blame in the event of a data breach, how breaches are dealt with following their detection is of critical importance.
Once the General Data Protection Regulation (GDPR) becomes fully enforceable in May 2018, the concealment of data breaches will be made illegal in all EU member states. Under the GDPR, the maximum fine for noncompliance with data protection authorities will rise to 20 million euros, or 4% of 12-month turnover—whichever is greater.
Failure to adequately report a data breach is already a highly punishable offence in the EU. Under the current legislation of the Data Protection Directive of 1995, the authorities of each EU member state can determine the severity of any fines they impose and hold the right to impose fines independent of the actions of other member state authorities.
In the UK, reporting data breaches is not technically mandatory, but for many other EU countries this is already not the case. Concealing a data breach is already illegal in the Netherlands, for example, where the maximum fine to be imposed by data protection authorities is €820,000.

For actively concealing a data breach that occurred in October 2016 for just over a year, the global transportation company Uber is currently facing fines of such severity. Under the GDPR, however, Uber would likely be fined in the tens of millions at the very least.
The fact that the breach took place in America where Uber is based would not make any difference. When the GDPR comes into effect, it will apply not just to businesses based in the EU but to all businesses that control or process data on EU residents. As Uber’s breach affected the personal data of over 57 million users worldwide—including most active Uber users in the UK—they would be culpable just the same.
To formally report a data breach and avoid the unfavourable circumstances in which Uber would find themselves, businesses must notify their supervisory authority of any data breaches within just 72 hours of discovery. The UK’s supervisory authority under the GDPR will be the Information Commissioner’s Office, who already have a section dedicated to the reporting of data breaches on their website.
Given the increased severity of fines under the GDPR, any businesses currently keeping quiet about data breaches in the past would be wise to come clean now and take the softer sanctions. Reporting a data breach will not excuse any negligence in protecting data in the first place, but any attempts to conceal data breaches once the GDPR comes into effect are only going to make matters worse.
– Freddie Kentish

Check out the first and second posts in our blog series! For more information on the changes and the data subject rights visit EUGDPR.

Leave your email below to stay up to date with our latest tips, tricks and trends on all things business?

First Name:

 

Last Name: *

 

Email:

 

Submit

 

The impending arrival of the EU General Data Protection Regulation is requiring businesses to implement changes. We will be posting a mini blog series exploring what GDPR is, how it will it affect your business and the steps you can take to prepare. Check out the first post in the series here.

Although supervisory authorities are already defined under the Data Protection Directive of 1995, the General Data Protection Regulation (GDPR) will entrust supervisory authorities with far greater powers than before in the monitoring of data and the ensuring of data protection. The roles of supervisory authorities under the new GDPR legislation are outlined in the GDPR’s sixth chapter.
The current supervisory authority for national data protection in the UK is the Information Commissioner’s Office (ICO). Once the GDPR becomes fully enforceable in May 2018, the ICO will continue to function as the UK’s supervisory authority.
For businesses that control or process data on residents in multiple EU member states, the GDPR will require that they determine just one supervisory authority to be their lead authority.  Under most circumstances, the lead authority will be the supervisory authority established in whatever member state a business considers its place of central administration to be located.
Supervisory authorities are obliged to help businesses in keeping up to date with any changes to legislation. Businesses must take charge of their own compliance and will be solely accountable for any noncompliance after the transition to the GDPR, but supervisory authorities must also provide sufficient advice and guidance for them to follow. In accordance, the ICO has issued their own informative guide to the GDPR on their website.
Under the GDPR, supervisory authorities must also clearly indicate the methods by which any complaints concerning data protection are to be reported to them. If a complaint is found to be valid it is to be handled within a reasonable timeframe and at no cost to the reporter. Complaints can be easily reported to the ICO on their website or through a live chat or helpline.
While supervisory authorities are expected to assist data controllers and processors in their compliance with the GDPR, businesses who control or process data must also be quick to cooperate with supervisory authorities. Data controllers and processors must maintain accurate records of personal data, to be made readily available to supervisory authorities at short notice. Under the GDPR, supervisory authorities will also exercise the right to obtain full access to any equipment and office premises owned by businesses in addition to any data they own.
If data controllers or processors fail to comply with the GDPR, supervisory authorities will be able to impose more severe sanctions than before. Depending on the offence committed, sanctions range from written warnings to fines of up to 20 million euros, or 4% of 12-month turnover—whichever is greater.
In keeping with the overall intents of the GDPR then, the further empowerment of supervisory authorities will prove favourable to those who adhere to the new legislation and a serious impediment to those who do not. If you are sure to correctly protect any data that you control or process, you can consider your supervisory authority to be a valuable ally in the future.
– Freddie Kentish

For more information on the changes and the data subject rights visit EUGDPR.

Leave your email below to stay up to date with our latest tips, tricks and trends on all things business?

First Name:

 

Last Name: *

 

Email:

 

Submit