EU’s General Data Protection Regulation (GDPR) will come into effect on 25 May. Here are five of the most important things to prepare for the industry.
- Basic identity information (name, gender, ID number, photo, etc.)
- Web data (location, IP address, cookie data etc.)
- Biometric data
- Political opinions, sexual orientation, racial data
- Health and genetic data.
The construction industry handles a vast number of personal data. GDPR is not only about employees’ data. Most companies will have data on suppliers, subcontractors, certifications of e.g. crane operators, welders, drilling operators and the like.
How can you prepare for GDPR?
- Establish company policy and procedures for data protection – or examine your existing policy and procedures and include GDPR safeguards
- Ensure provisions in supply chain contracts are requiring your suppliers to adhere to a basis standard of data protection
- Prepare your company to be able to respond quickly to a subject access request. Create a process to “forget” users on demand. In other words, if a user requests his data be deleted, all personal information about him/her must be deleted in a timely fashion and the user is notified
- Get a GDPR certification like e.g. ISO27001. In the future, clients will be requiring companies to be GDPR certified to be shortlisted for tendering
- Add a Data Protection Officer to monitor digital activities within your company to safeguard client data.
Advantages of GDPR for the construction industry
GDPR directly affects the way the construction industry should handle its personal data, but indirectly will affect the way every data is handled. The focus on handling data safely will be a great advantage for the industry.
Philip Wright, Contracts Consultant at Optimise International, welcomes the increased protection of digital privacy. He explains there are benefits of the new regulation:
GDPR should mitigate the risk of data leakage which could have a negative impact upon non-disclosure of confidential information. GDPR can also enhance tendering compliance through heightened data security, i.e. keep the tendering procedure transparent and competitive as it should be.
On dispute resolution, secure data could prove the difference in credibility and reliance, e.g. by an expert witness in his or her testimony.
Kapio Cloud – privacy by design
Kapio Cloud has developed an integrated, BIM compliant, Common Data Environment (CDE) for the storage of all your project drawings and other files.
Files can be shared in the cloud with your project team throughout the entire life-cycle of your construction.
- The digitally aware owner’s reporting system.
- Flexible and easy to integrate with existing software
- Created out of the E&C industry’s need
- SaaS service
- Starting at €1.99 per user per day.
For more information call +45 7875 0100 or contact Kapio Cloud for a demo at email@example.com.
- The EU General Data Protection Regulation (GDPR) (EU’s official website on GDPR)
- Why construction should worry about its data protection. Maqbool, A. & Eustice, J., BIM+, 2018
- GDPR is on opportunity to rebuild trust. Brabyn, B., Management Today, 2018
- Building a plan in time for GDPR’s arrival, Tighe, P., 2018
- Learn how Kapio Cloud can make it easier for you to comply with GDPR.