Telematics company Crystal Ball has published a white paper to outline the legal position and practical solutions for fleets concerned about General Data Protection Regulation (GDPR) and telematics.
The incoming GDPR regulations require a major change in the way fleets handle telematics data, but Crystal Ball says if businesses carefully follow a number of steps in managing this information, they should be safe from being fined.
Today (May 25), the GDPR comes into force, beefing up the current Data Protection Act, and requiring more accountability from firms in holding and processing their employees’ personal data and showing reasons for keeping it. Failure to comply could result in penalties of up to £17.5 million or 4% of revenue.
GDPR applies to all telematics data, covering such information as journeys, mileage, speeding, fuel usage, time on the road and any other data produced by tracking that is referable to an individual employee.
Firms will have to prove what lawful basis they have for collecting this information and why it has been kept.
If they adopt the ‘legitimate interest’ for processing personal data, they should have carried out a ‘Legitimate Interest Assessment’ on the personal data they collect and keep before May 25. They should also have issued a revised privacy notice to all employees dealing with telematics data in detail.
“Telematics has revolutionised the fleet sector, making it possible for businesses to get extremely accurate information on the action and behaviours of their employees and the operational state of their vehicles when they are out on the road,” says Crystal Ball managing director Raj Singh.
“There was concern that GDPR would negate this at a stroke, because employees may have been able to ask to have their personal data deleted, but if you follow procedure and demonstrate good practice and lawful use of that data, then telematics will still be integral to fleet operations.”
To help fleets negotiate these new regulations, Crystal Ball has produced a White Paper summarising the obligations companies have in terms of processing and holding personal data and what they have to demonstrate and document in order to be compliant.
“We felt there was a lot of conjecture about GDPR, some of it wildly innaccurate, and so we created this White Paper to summarise what fleets need to know. The simple message is ‘Don’t Panic!’ – if they properly manage telematics data, fleet managers should have nothing to fear from GDPR.
“Yes, there are a number of changes to the way they should manage what they have, not least in ensuring that personal data which identifies employees is securely protected and that employees are fully notified of the collection and processing of their personal data. These are not entirely new processes, however, and are an evolution of the current Data Protection law, not a revolution,” added Singh.
The white paper accessed, for free, here: http://info.crystalball.tv/download-your-gdpr-guide-0