CRM Handbook / How do you protect your data
  • If you are citizen of an European Union member nation, you may not use this service unless you are at least 16 years old.

  • Stop wasting time looking for files and revisions. Connect your Gmail, DriveDropbox, and Slack accounts and in less than 2 minutes, Dokkio will automatically organize all your file attachments. Learn more and claim your free account.

View
 

How do you protect your data

Page history last edited by Jason Miles-Campbell 7 years, 11 months ago Saved with comment

Data protection legislation

 

Legislation that is pertinent to the use of a CRM system includes:

 

  • Data Protection Act 1998
  • Freedom of Information Act 2000 (and its Scottish equivalent)
  • Privacy and Electronic Communications (EC Directive) Regulations 2003, if the data is to be used for e-marketing

 

In general business information will not be particularly sensitive however it is advised to undertake a risk assessment of the data you hold and the policies and practices, in conjunction with your Legal Department or advisers. They will advise you about the need to notify the Information Commissioner. Care should be taken particularly if you intend to use the data for electronic marketing.

 

The Information Commisioner Office has a useful checklist, available online or as a file in this handbook.

 

The Business Link website has a good summary of the issues that need to be considered.

Good Practice Example

At Teesside University compliance with Data Protection Act (DPA), Privacy and Electronic Communications Regulations (PECR) and the need to keep data clean have all been combined through the functionality of the marketing elements of the system.

Once a year every contact receives an email explaining what data is held, the purpose and offers the opportunity for the contact to unsubscribe from receiving e-campaigns, telemarketing campaigns or printed material.

This exercise enables data cleansing because contacts are able to correct their personal data. Resource is only needed where emails bounce back. A process of research to establish the new email address or the name of the new incumbent in the position is instigated.

This methodology requires that all contacts have email addresses and those who don’t are removed from the database.

Karen Race, Deputy Director of Academic Enterprise, Teesside University