Share this news on:GDPR | 23 MARCH 2018
ACFO, the UK’s premier fleet decision-makers’ organisation, held its second webinar, which was supported by TomTom Telematics, on GDPR, and says now is the right time for fleet decision-makers to review and check all data collection and whether all information gathered is required.
Furthermore, it is critical to engage with all employees - company car and vans drivers – as well as employees who drive their own cars on business, the so-called ‘grey fleet’ and occasional drivers.
GDPR is claimed by TomTom Telematics to be the “most important change in data privacy regulation is 20 years”, but was also claimed by Beverley Wise, sales director UK and Ireland, to be “an evolution, not a revolution” and bringing information protection into the digital age with processes that were “open and transparent”.
From that point of view, Ms Wise said it was “business as usual”, with ACFO chairman John Pryor highlighting: “Fleets will already hold a lot of personal data. Now is the time to review and check whether fleets actually need all the current data is received? Where does the data originate and is it secure, either on a computer or in locked storage? This is not new as all fleets should be doing this automatically.”
During the webinar, billed as ‘GDPR: What every fleet decision-maker needs to know’, Ms Wise said there was no problem with collecting data that was for a “legitimate business interest”. That, for example, could include the capture and processing of mileage for travel management and business expense claims, fuel data capture and the use of driver behaviour data from in-vehicle telematics.
Nevertheless, GDPR put individuals/employees at the “front and centre” so they needed to be fully informed and advised about what data was captured, how and where it was being used and by whom.
Mr Pryor said: “In the build-up to GDPR introduction it is a good time to review policy and ensure drivers are fully aware of their obligation. The easy tick box is perhaps a thing of the past.”
ACFO’s five-point action plan for members is:
Mr Pryor said: “Fleet managers will already be doing much of what ACFO is recommending because it is common sense and good business practice. But GDPR brings more business focus.
“GDPR is process driven and while much of what is being asked for is already being done by fleets under the new rules it is important to have policies in place.”
Personal data must be kept protected from unauthorised and unlawful access, use and loss under GDPR and, in answer to a webinar question on obtaining drivers’ permission, Ms Wise said: “Permission from employees is not required, but if it was refused then it is a bigger company policy issue. GDPR is about collecting data for legitimate business interest and controlling that data.”
Data recorded by in-vehicle telematics is perhaps the area of most concern for many fleet professionals as it captures information related to individual driver behaviour and technology, but said Mr Pryor: “If vehicles have telematics fitted, fleet managers should be clear on what the information is used for and who receives it. This will be more sensitive if a driver says they do not want it used. In this case, the company needs to be clear and managers should get internal guidance on the position.”
GDPR builds on existing data protection legislation with a particular focus on digitalisation and technology. Core to the 1998 Data Protection Act are eight data protection “principles” and GDPR reforms those and introduces new “principles” of transparency and accountability with the ability to “prove consent” a significant pillar of the new regulations.
Penalties for breaching the core “principles” of GDPR are potentially huge with a maximum fine for companies of €20 million or 4% of the total worldwide annual turnover of the preceding financial year, whichever is the higher. What’s more the reputational damage of businesses misusing or losing data could be significant.
The webinar will be available as a download from the ‘members’ area’ of the ACFO website - www.acfo.org - and is accompanied by a toolkit containing relevant guides and resources.