Beyond Law: Ethical Culture and GDPR

What it was

A CIPR Business Ethics Briefing, completed as part of my CIPR continuous professional development.

What I learned

GDPR can be seen as a gift – an opportunity for fresh thinking and a challenge to make sure we are being fair and open in our dealings with customers.

At heart, GDPR seeks to give control to individuals over how organisations use their personal data (and to harmonise such privacy laws across the EU).

Getting GDPR wrong could mean significant fines, negative publicity, loss of trust, reputation and brand damage, legal actions and regulatory enforcement.

Rather than embracing GDPR out of fear of the negative consequences, organisations can look to how it supports ethical business practice.

The need to separate Ethics from Compliance – “Ethics starts where the law ends”.  Compliance is arguably too narrow a prism through which to see GDPR.

The  briefing proposes practical steps for ensuring that organisations use data ethically – and so comply with GDPR along the way.

What I will aim to do differently as a result

Consider the wider ethical considerations of GDPR in our implementation plans

Communicate the importance of the ethical usage of personal data, and importance of leaders setting the tone

Consider how our organisation could go beyond compliance and address cultural issues on data handling

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.