In the recently published EU Commission report, the EU admits it has been hard to implement GDPR, “especially for small and medium-sized enterprises”. At the same time we are also hearing that Pub and restaurant customers could be asked for contact details
NetApp’s General Manager UK&I, Chris Greenwood had the following to say about these two seemingly conflicting lines of thought .
“Asking pubs and restaurants to track customer contact details may seem a straight forward and sensible action in these unprecedented times. Yet in practice, it could prove a very complicated and even dangerous venture. Given recent EU Commission reports outlining how hard to implement GDPR has been, asking the hospitality industry to become data suppliers to local government – and very sensitive data at that – is overly presumptive and risky. We would also question where this ends.
Does this signal to other businesses a future standard practice whereby any physical interaction with a retailer, bank, or service provider results in some kind of data gathering and reporting? Further guidance has been promised, but as we’ve already seen over the last two years both education and enforcement of data privacy practice has been lacking. We call on both the Department of Health and DDCMS to put every effort into ensuring this initiative, if enacted, is rolled out with the comprehensive processes, infrastructure, education and guidance needed to guarantee a secure, compliant, and non-intrusive service.”