GDPR – One Year Later and Where Do We Stand?


Written by Terry Matthews-Lombardo

Terry Matthews-Lombardo is an industry veteran meeting planner, trip director, and free-lance writer who’s seen and experienced a lot of challenges – the good, bad, great and ugly – during her professional lifetime spent in this industry. Based in Orlando, FL, she’s been a proud and active member of the GCG Network of planners since 2005. You can read more by Terry on her blog Terry's World Travels.

June 6, 2019

It was enacted in May 2018 but to this day there is still a whole lot of ‘head scratching’ going on over the GDPR.  Why?  For starters, because it is generally thought of as a European problem since it was a rule put into force by the European Union.  But don’t be misled by that!  The compliance process for GDPR – General Data Protection Regulation – applies to anyone transacting with anyone in/from the EU.

What’s that, you’re saying?  You live and work in Chicago so don’t know what all this fuss about?  Simply put, if you have any attendee who is from any one of the 28 countries that are currently EU members [you can check them out here] attending any of your programs held anywhere then you need to pay attention and adhere to this ruling. 

registrationTo be clear, let’s say you have attendees coming from Italy [or any of the other 27 countries that are members of the EU] to the conference you are holding in Boston.  What should the planner do to comply with GDPR standards?  At a minimum, make sure you are protecting the personal data you have collected on those [foreign] attendees and that you are processing it in the approved manner.  This is to say that it is the planner’s responsibility to ask the right questions at the point of registration, which is usually on line and in advance of the actual event, and then also assure that you are managing this data in accordance to what has been approved.  Clear as mud?  Here’s a simple example.  Your registration process, both in advance and onsite, must contain a question asking for the attendee’s permission to use their supplied data for specified reasons such as further marketing after your program has ended.  If said attendee does not grant that permission but you/your company ignores that ‘little’ detail and keeps them on a mass mailing list then you are setting yourself up to be fined a hefty penalty by the EU.  Yep, it’s that important to get each and every attendee to check off that little box next to the yes/no question about how you will process their personal data!

Now do you understand why GCG workers must be diligent while managing a registration station and pay very close attention to all the instructions being given by your client?  Yes, these regulations can be confusing at times but in all cases better to ask diligent questions than to be found negligent.  As an onsite temp employee it will never be your sole responsibility to initiate procedural changes that are contrary to what your client is telling you, but sometimes knowing why you are being asked to fulfill certain client requests makes it easier to comply.

You May Also Like…


Submit a Comment

Your email address will not be published. Required fields are marked *