GDPR is a hot topic. With the deadline of May 25th looming it is a focus for most of our clients.
Many of our clients have been working on their approach to GDPR and putting in place policies to deal with the new rules. This has meant us supporting them in making sure that their web sites and internal systems support their new policies.
With existing clients with systems we built in the past, this work was expected and predictable. As their requirements became clear we have been working with them to make any changes to how they handle and store user and customer data in their systems. Most of this work has been covered under general maintenance and involves changes like tightening up data archiving and anonymisation to ensure data is only held just as long as it is needed, giving users access to their own data so they can review or edit it and other changes around opt ins and notifications.
What has also been interesting is seeing clients understand what they need to do in the middle of on-going projects as well.
We often work on projects that span several months and one of these that is now near completion has just been hit with the GDPR stick. The client concerned is undergoing a GDPR audit and the outcome of this has added several requirements to the system we are building. Thankfully the project is being delivered in an Agile way so inorporating these changes has been relatively painless.
What we have learned in all this is that new legislation like this always brings with it requirements to change existing systems (even if they are not fully built yet) and while these changes feel like common sense in hindsight it took the legislation to make them a priority.
As bespoke software developers we are used to being highly responsive to the needs of clients when their requirements change and this experience has been no different.
If you are looking for someone to help you make changes to your online or internal systems for GDPR compliance we would be happy to help.