We care about technology-enhanced human systems. So we thought we would share regular thoughts and opinions about why we think they matter so much.
Today it was time to catch up on GDPR for the HARBOURites - our annual review and re-train to ensure we're fully up to speed on good ole Data Protection and Processing. The session was created by our external consultants on such matters Data Protection People (worked with them for years - can highly recommend them) and delivered expertly by David Holmes who managed to balance interest and engagement with ensuring key messages were clear and driven home.
As part of the session there were two elements in the slide deck that I thought summed up where we're coming at things from - and were pretty easily digestible, so thought I'd share.
And even if you've heard the tales / read the pieces before, I don't think it ever really hurts to re-hear things that bring something so important to life :
Whilst out walking, you come across a person with a huge hammer who is smashing rocks. “What’s going on here?” you ask? The person responds with a degree of frustration, “What does it look like I’m doing? I’m breaking rocks.”
You continue your travels and find another person with a huge hammer who is smashing rocks. “What’s going on here?” you ask. The person responds with a wink, “I’m making a living.”
You walk further and find another person with a huge hammer doing the same as the others but looking happy. “What’s going on here?” you ask. The person responds, with a broad smile, “I’m building a cathedral that will give pleasure to people for centuries to come.”
It is all about the mindset:
Do you see data protection or information security as smashing rocks? In that sense do you see data protection or information security as:
- a tick box exercise?
- pointless waste of time?
- or are you just doing it because you’re told to act in this way?
Or can you see your contribution in the bigger scheme of things? Do you see such measures as:
- respecting a customer's right to privacy and right to data protection?
- necessary to protect yourself, the organisation, the data subject from harm?
- part of a wider corporate social responsibility and safer way to manage information?
Your perception of data protection / information security measures is equally as important as the processes and procedures you have in place to ensure compliance, reducing risk and protecting the rights of others.
At HARBOUR, we're all about the cathedral we're building :)
Hear, bloomin' hear, Gary