Beyond the GDPR

Share on facebook
Share on twitter
Share on linkedin

Beyond the GDPR

Why GDPR readiness must be a constant focus.

The General Data Protection Regulation (the “GDPR”), which is a European legislative act that takes Data Protection compliance to a whole new level came into force on 25 May. In this blog post, Internal Audit Manager, Marie O’Connell and Senior Business Analyst, Carol Butler discuss how the GDPR provides an additional level of Compliance at Abtran and why GDPR readiness must be a constant focus.

“The GDPR represents more than just a deadline; it’s about instilling a continuous programme of compliance readiness, one that’s future focused and reaches every part of the organisation,” says Marie. “It’s about setting even higher Data Protection standards and giving individuals more control over their personal data which in turn creates greater responsibility on the part of Data Controllers as well as Data Processors.

At Abtran, we have a deep heritage of working with organisations that are highly regulated so Data Protection has always been a strong focus. Our existing Quality Management System (QMS) which is supported by our Certifications in PCI-DSS, ISO 9001 and ISO 27001 means we continuously operate to very high standards.

 

Like the ISO 9001 and 27001, the GDPR requires ownership, accountability and a constant focus on the individual’s rights together with an onus on the organisation to continuously review and improve controls set in place to protect personal information. At Abtran, it’s also about incorporating privacy by design into everything we do that relates to personal data from very early on in the service life-cycle whether that’s from a People, Process or Technology perspective.  The introduction of GDPR mandates a higher level of Data Protection compliance across all organisations. At Abtran, it has instilled an even stronger focus on the Customer and the protection of personal data right across the day-to-day running of the business.

 

Accountability Across Every Level
Looking back, Abtran’s GDPR readiness programme was never about one individual or centralised department. To be effective, it had to reach everyone. As a BPO, we worked closely in partnership with our clients to ensure we were aligned and ready to meet our new obligations as a Data Processor. As a Data Controller, it was about connecting with every function across the business, to ensuring everyone was fully educated and compliant around the new GDPR standards for handling personal data. As well as placing GDPR specialists and programme champions into each Operation and Business Area, our IT, Project Management and HR Teams were heavily involved as well as our Senior Leadership Team, who took a very proactive and hands-on leadership role right throughout the programme.“

 

Bringing the GDPR to Life

Carol Butler who has spent the past year driving Abtran’s GDPR Education and Awareness programme agrees; “Communication across the business and with our clients was absolutely central to Abtran’s GDPR readiness programme. As a Data Processor as well as Data Controller, everyone at Abtran deals with personal data so training and upskilling was a mandatory requirement for everyone in the company.  

Abtran’s Digital ‘MyLearning’ platform made it possible to custom build a training programme that brought the practicalities of the GDPR to life in an engaging and meaningful way that was very relevant to our industry. It was about giving People real world examples that they might come across  every day.

Top of Mind
Other ongoing measures implemented by Carol included continuous updates via the Abtran intranet as well as company-wide emails; “It was important that GDPR remained top of mind right throughout the Programme. Communications went out weekly and then daily in the run up to the GDPR coming into force. The Business Intelligence behind the ‘MyLearning’ system also made it easy to monitor the number of courses completed and to continuously track FAQs which ensured training and communication material was consistently updated in a relevant and responsive way.

Remaining Ready and Future-Focused

“As the GDPR is a new European legislative act, it’s important to remain constantly abreast and future-focused,” continues Carol. “For instance, a new Data Protection Act 2018 was signed into law in May of this year and gives further effect to the GDPR, setting out Ireland’s position on matters which the GDPR left to the discretion of individual Member States. We’re keeping a very close watch on the Data Protection Commission and the European Data Protection Board, for further news or new developments that need to be relayed straight back to the business.

 

While the GDPR is now in full force and effect, the work to ensure ongoing GDPR Compliance is a constant process. As Marie mentioned, remaining future-focused, is about continuously embedding GDPR standards, controls and practices into the day-to-day or BAU of the business. It has instilled an even stronger focus on Data protection compliance while becoming a ‘Modus Operandi’ for the way we handle personal data every day. New People joining Abtran are required to undergo GDPR and Data Protection training as a mandatory module, while refresher training and continuous business updates across the organisation ensure GDPR Compliance remains fresh and top of mind. Additionally, we continue to work closely in partnership with our clients, who remain strongly focused around the whole area of GDPR and Data Protection legislation.”

Beyond the GDPR
For both Carol and Marie, the GDPR not only represents an opportunity; it represents a new era – one that’s about being even more data protection compliant and more data aware; one that instils an even stronger focus on the Customer and the protection of personal data; one that transcends geographic borders and connects people and industry as a whole.

* This article is subject to the Terms & Conditions on abtran.com

Gary Sayers

Chief Operating Officer

Gary has been with Abtran since 2011 and in his role as COO, he has overall responsibility for Abtran’s operational process. He ensures that Abtran maintains service excellence through consistent, industry leading delivery solutions. Gary works in close partnership with operational teams to execute the company’s vision, goals and growth strategies.

Gary has a wealth of experience in Customer Service Management, Operational Transformation, Customer Engagement, Operating Model efficiencies and Stakeholder Management across a number of sectors. In his role as COO, Gary has a significant focus on sponsoring the career development pathways of our people.

Gary holds a Lean Six Sigma Green Belt and has a Degree in both Civil Engineering and Sustainable Energy Technology 

Marie Downey

Chief Performance Officer

Marie has worked with Abtran since 2019 and has 20 years of experience as an IT and service optimisation leader. In her role as Chief Performance Officer, Marie has overall responsibility for Abtran’s product service offering, service design, and service capability including all PMO activity. She is a highly skilled relationship and people manager and constantly seeks to innovate and collaborate to deliver the best service outcomes.  Since joining Abtran, Marie has overseen a number of successful mobilisations of new service contracts and led our strategic initiative portfolio. Prior to working with Abtran, Marie worked with several leading multinational organisations. She is a graduate of University College Cork, holding a Bachelors degree in Commerce and Masters degree in IT and Management Accounting.

Chief Technology Officer

Paul joined Abtran in early 2020, bringing nearly 20 years experience in the IT industry. 

As CTO, Paul’s technical leadership is centered upon articulating a clear vision and strategy. He is responsible for aligning the technology vision for Abtran with the business objectives. He has overall leadership of the execution of technology strategy, partnerships and external relationships. Paul draws on a wealth of experience in designing scalable distributed systems and is focused on evolving our IT engineering capability. Prior to joining Abtran, Paul worked with international FinTech and Telecommunications organisations. He holds a Bachelor of Engineering in Computer Engineering from the University of Limerick.