Protect what is really important.
The new EU-wide General Data Protection Regulation comes into force at the end of May. What does this law mean for a company like MAN Diesel & Turbo?
In the world we live in, personal data is more transparent than it has ever been. We post our holiday photos on Facebook. We use Google to find information. We read the news online. In short: we leave a digital footprint everywhere we go, even if we are not aware we are doing it. But this personal data is very much worthy of protection. This is exactly the point of the General Data Protection Regulation from the European Union, which will govern the protection of personal data consistently across all 28 Member States as of the end of May.
If you would answer ‘no’ to the question ‘Would I want someone to handle my personal data in this way?’, then don’t just do it, ask someone for advice instead.
While the law primarily targets the larger data collectors like Google, Facebook and Amazon, Horst Miguletz is aware that companies like MAN Diesel & Turbo need to respond too: “Even for us, data is becoming increasingly important, as we want to constantly improve our services to our customers. Digitization is not part of our corporate strategy for nothing. But as a leading global company in our industry, we are aware of our responsibility. Data protection applies to us all if we wish to earn the trust of our employees, customers and suppliers.” The MAN Diesel & Turbo data protection officer works in close conjunction with Christian Holm, who is leading the General Data Protection Regulation (GDPR) project. Employees are working hard in the areas of HR, sales, purchasing and IT, where the majority of personal data arises, to design processes to comply with GDPR. This work will extend beyond the deadline of 25 May, according to Christian Holm: “There is room for interpretation in many areas of the law. I think a great deal will depend on the legal clarification of various aspects. However, as a company, we must evidence that we have the processes for collecting, saving and processing personal data under control. We have already taken extensive measures and have been working consistently for months on ensuring we comply with the law.”
Of course, there will be guidelines for all employees in order to support them with the correct implementation of the statutory regulations. But it is also important to increase awareness of responsible handling of personal data across the whole organization. “Of course, we will not have guidelines to hand to cover all eventualities. So a healthy dose of common sense is also required. If you would answer ‘no’ to the question ‘Would I want someone to handle my personal data in this way?’, then don’t just do it, ask someone for advice instead,” stress Horst Miguletz and Christian Holm in unison. “Personal data is not our property. It belongs to our employees, customers and suppliers who trust us and who are entitled to ask that we treat the information with the greatest respect.”