How do you protect your data


Data protection legislation

 

Legislation that is pertinent to the use of a CRM system includes:

 

 

In general business information will not be particularly sensitive however it is advised to undertake a risk assessment of the data you hold and the policies and practices, in conjunction with your Legal Department or advisers. They will advise you about the need to notify the Information Commissioner. Care should be taken particularly if you intend to use the data for electronic marketing.

 

The Information Commisioner Office has a useful checklist, available online or as a file in this handbook.

 

The Business Link website has a good summary of the issues that need to be considered.

Good Practice Example

At Teesside University compliance with Data Protection Act (DPA), Privacy and Electronic Communications Regulations (PECR) and the need to keep data clean have all been combined through the functionality of the marketing elements of the system.

Once a year every contact receives an email explaining what data is held, the purpose and offers the opportunity for the contact to unsubscribe from receiving e-campaigns, telemarketing campaigns or printed material.

This exercise enables data cleansing because contacts are able to correct their personal data. Resource is only needed where emails bounce back. A process of research to establish the new email address or the name of the new incumbent in the position is instigated.

This methodology requires that all contacts have email addresses and those who don’t are removed from the database.

Karen Race, Deputy Director of Academic Enterprise, Teesside University