BSS11 – I do, I do, I do, I do, I do – Business Regulation

CONTINUITY: Jakob and Zelda are having their weekly meeting to catchup.  It’s Monday morning and the email debacle continues.

JAKOB: So, 18 leads for all that effort, poor Michaela

ZELDA: She’s fine, but we are now having problems with our email service

JAKOB: Problems?

ZELDA: Well since Thursday we’ve be unable to send emails and we’re still getting the abusive ones coming in

JAKOB: No emails?

ZELDA: We were blocked by our internet provider for sending spam email.  Garth is looking into it.  Shall we get an update from him now?

JAKOB: Had better.

(Knock, knock, knock)

ZELDA: Oh, Come in Bryock, great timing. (Bryock enters)

BRYOCK: Felicitations to you both!

JAKOB: Morning Bryock (rolling eyes)

ZELDA: Bryock, could you get Garth to pop in and see us please

BRYOCK: Yes Ms Zero and whilst I’m gone I thought you should have early sight of this (passing a letter to Zelda)

ZELDA: Thanks

JAKOB: What is it?

ZELDA: A letter from the Information Commissioners Office

JAKOB: Oh right, what’s that about

ZELDA: Err, they’ve opened a case on Sydeline following 53 separate concerns being lodged with them.

JAKOB: What? Let’s have a look.  It says here that they have been unable to ascertain who is accountable for protecting personal data in the organisation from our website and that they are unable to find a Data Controller Register entry for us.

ZELDA: Data Controller Register?

(Knock, knock, knock – tuneful)

ZELDA: Uh, come in?

GARTH: Morning Zelda, Jakob, you asked for me to pop in

ZELDA: Oh yes, yes we did.  Sorry, bit flummoxed by a letter we’ve just received

GARTH: Ahhh, the ICO I see… Probably raising concerns about our actions last week on email

JAKOB: Yes… yes it is. How did you know?

GARTH: Oh, well, when Michaela told me what has happened I guessed it would come to their attention.  Did you report it?

ZELDA: Report what

GARTH: The breach of 30,000 natural person’s privacy

ZELDA: By who

GARTH: By us

JAKOB: (irritated) What are you talking about Garth?

GARTH: Ok, sorry, thought you realised.  I was focusing in resolving our relationship with B 2 B 4 E Mail to get our email service reauthorised.  My assumption was that you understood that you had purchased a poor quality email list which didn’t have the appropriate consent secured and that the horrendous backlash we had already suffered had forced you to bring the incident to the attention of the ICO

JAKOB: (flustered) Why on earth (calming down) Why didn’t you tell us?

GARTH: (matter of fact) Email service was down!

ZELDA: Thing is… We didn’t know about.. You know… About what you just said

GARTH: Oh yikes! So, the ICO are following up on concerns reported to them by members of the public?

ZELDA/JAKOB: YES!

GARTH: Ahh, that’s not good.  Well it may be alright if you can show them that you’re on the road to being compliant with latest regulations

ZELDA: Which are…?

GARTH: Oh the General Data Protection Regulation and, probably more applicably, the Data Protection Act 2018, or DPA18, which is what I like to call the little beauty.

JAKOB: Little beauty! You seem to know a lot about it

GARTH: Only what I’ve read

ZELDA: Clearly more than we know

GARTH: Well, I wouldn’t like to say that

JAKOB: We would.  Sit down. We need to put a plan together

GARTH: But email…

ZELDA: Good grief!  This has priority over running the “Death Star” Garth

CONTINUITY: It’s two days into the information breach and the investigation from the ICO. Zelda and Jakob escape the office and convene to the Dog and Bone

ZELDA: God! That has to have been the worst start to a week… EVER!

JAKOB: It’s not good.  We’ve got a way to go with this DPA18 compliance stuff too.  I’m not sure our efforts will be rewarded by avoiding a fine

ZELDA: A fine – oh that could bring us to our knees, no matter what size it is.

JAKOB: Don’t worry, I can keep us going through this, just don’t tell your dad… Oh and here he is, (sarcastic) great!

NERO: And how are my two favourite people?  Looking a tad frazzled!

ZELDA: It’s been a tough week, we’ve…

JAKOB: (interrupting) had a lot of good leads in and sales are going well

NERO: Really, what about the ICO investigation?

JAKOB: (surprised) What?

ZELDA: How did you know?

NERO: The ICO announce their actions on Twitter and their other feeds

ZELDA: Oh no

NERO: Don’t worry, I’m sure it’s just a formality.  You’ve got your compliance arrangements in place haven’t you?

JAKOB: Starting to hate that word

ZELDA: What compliance?

JAKOB: Yeah, sounds so oppressive

NERO: I like to think of it as Respect

ZELDA: Respect?

NERO: Yes sweetie, Respect for the health and safety of your people, respect for the laws of the land, respect for the requirement to pay tax and report to the proper bodies.  In fact, R E S P E C T is an acronym too… Hold on (looking on phone), where is it… Ah, here you go

ZELDA: Roles, Education, Standards, Process, Enforcement, Communication and Testing – what’s that then?

NERO: The things you need to consider in becoming compliant.  Who does stuff, teaching people. Setting the rules and procedures… etc

JAKOB: So that’s what we need to do to get on top of Data Protection

NERO: Yeah… And Health and Safety, VAT, Corporation Tax, Employment Law, Cyber Security and any number of the manufacturing standards that you MUST be applying in the factory.

ZELDA: Oh, yes, yes of course

JAKOB: Are we?

ZELDA: (hard stare and clipped) Yes, we have robust standards in place in the factory.

NERO: Funny thing.  You know that problem we had in the factory before you left?

ZELDA: Yeah?

NERO: Well, Chris’s top notch procedures and record keeping saved our skin to be honest.  The auditors that came in found only minor non-conformities and took only advisory action

JAKOB: Thanks Nero, a great pointers there

NERO: Always happy to help if I can – drinks?

ZELDA/JAKOB: YES PLEASE!