5 myths about GDPR and what you need to know

The MICE industry collects data in huge quantities so a major shake-up in data privacy means businesses will be forced to change.

The general data protection regulations (GDPR) - which become law from May 2018 - mean that new ways must be found to collect and store data for clients. There are significant challenges to face in terms of mitigating risks to companies, and in terms of best practices for data management.   

Bruce Smith, chairman of the NorthPointe Management Group, said: "GDPR is all about the individual’s privacy. It is designed for the individual to have better control over their own information. It takes it out of the hands of corporations and places it more with the individuals.

"It also tries to create a unified set of rules across borders, so that multinational companies are following a consistent set of regulations. Those are some of the core principals, and it does affect people in the EU no matter where they are based."


Smith is keen to stress that while the legislation kicks in from May, companies should start working on it straight away, because it will take time to implement.

"It takes effect in May, be sure that you start working on it right away, don’t wait until the last minute because it will take you some time to get ready," he added.  

"Businesses will need to capture what they are doing, and what data they are collecting, in order to map it out; what’s the best procedure, how long they need to keep that data and so forth."

Smith cited a recent presentation by Barrister Dean Armstrong, Queen’s Counsel, of Elias Partnership on the five myths of GDPR.


5 myths about GDPR

  • There is a definitive answer for GDPR

"There isn’t," explains Smith. "It is a principle-based set of regulations. They set out the principles, but they are subject to interpretation. There are going to be challenges to this, there will be lawyers who will try to sue on their clients’ behalf. Not only on a corporate basis but also on an individual basis. Make sure that you have your policies down."

  • GDPR will only affect compliance departments

"Many businesses don’t have a compliance department, but it’s going to affect the entire company. At the core of this is the sanctity of someone’s data. You will have to get explicit consent from people to capture their data and retain it, and you can only retain it as long as it is necessary. It’s very different to what we have done in the past. Make sure you are good custodians."

  • GDPR is all about the data hacking

"It’s not. It’s a holistic approach to data management. This is where the best practices come in. Ask if you are collecting the right kind of data. Are you collecting more than you need to? Does everybody really have to have every piece of information, or are there ways in which you can separate out that information? Excel spreadsheets are no longer going to be acceptable. We are going to have find different ways to be able to do that."

  • GDPR can be dealt with easily by buying technology

"There is a myth that there will be a lot of technology solutions out there that you can buy. There will be a lot of companies telling us that all of their systems are GDPR compliant. Well, nobody is technically GDPR compliant right now because it hasn’t actually rolled out yet to be tested. They may be GDPR ready, but until they have been tested in a court case or by a regularity agency, they are just ready at this point. Make sure you talk to your vendors and find out how ready they are. Those are important things to know."

  • GDPR fines are just a cost of doing business

"A lot of people in this industry think that because they are small or medium-sized businesses, that they will fall under the radar. But the answer is that you won’t. They will be looking for it and all it takes is one person to report you and then you will have to answer to the regulatory agency in your country. Please take it seriously. In addition to the fees that you will have to pay, keep in mind that the loss of your reputation will be more damaging than maybe the cost of the fine." 

Bruce Smith was talking at IBTM in Barcelona.

If you’re interested in GDPR, don't miss C&IT’s special GDPR roadmap series of events that is kicking off in March. 

 Click here for more information and how to book.

Have you registered with us yet?

Register now to enjoy more articles
and free email bulletins.

Register now
Already registered?
Sign in
6 ways to get your brand noticed at trade shows

6 ways to get your brand noticed at trade shows

With thousands of businesses in attendance, how can you maximise your time and brand exposure at a trade show?

Major new London venue opening summer 2019

Major new London venue opening summer 2019

Magazine London will have a riverside spot in North Greenwich and comes from the team behind Printworks.

Why events are crucial to Cision's marketing strategy

Why events are crucial to Cision's marketing strategy

Cision's CMO Chris Lynch spoke to C&IT at CommsCon18 about how events can promote a brand and increase sales.

Case study: Virgin Media Business' annual Sales Kick-Off

Case study: Virgin Media Business' annual Sales Kick-Off

A conference recognising and rewarding employee performance took place at The International Centre, Telford.

Gray Dawes Group acquires Giles Travel

Gray Dawes Group acquires Giles Travel

Acquisition takes turnover of family-owned Gray Dawes Group beyond £150m and employee numbers to more than 200.

Clive appoints head of creative services

Clive appoints head of creative services

Darren Kerr joins the senior leadership team, having previously worked in Hong Kong and Sydney.

A new age for Amsterdam

Amsterdam's RAI arena offers cutting-edge 3D and sustainable planning options for events, with a spectacular new hotel in the pipeline for 2020.

Hotel review: Crowne Plaza Copenhagen Towers

Hotel review: Crowne Plaza Copenhagen Towers

Winner of multiple awards for its sustainability credentials, it's the perfect hotel for the eco-conscious traveller.

Travel in style with Eurostar

Eurostar's MICE offering includes discounted rates, Exclusive Carriages and various Onboard Experiences.

In pictures: US Forum hears tips on going global

In pictures: US Forum hears tips on going global

On the final day of the inaugural C&IT US Forum at Cliveden House, guests heard from INVNT CEO and the director of iCompli.