The future of utilisation survey and attendance data in the GDPR era

October 22, 2018

Workspace design have been relying on utilisation data for over a decade, but what impact will General Data Protection Regulation (GDPR) have on the industry?

 

 Initially Intended as a single set of rules  across Europe to enable individuals to have greater control over their ‘personal data’ within the Digital Single Market, GDPR’s definition of personal data is not limited to the digital world but covers any personal information, with no distinction between private, public, and/or work related data:

Any information relating to a person who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that person”.

 

The regulation makes a clean cut between data controllers (“determines the purposes and means of processing personal data”)  and data processors (“responsible for processing personal data on behalf of a controller”), and clearly describes how that data can be used. Data controllers can only work with data processors that provides “sufficient guarantees to implement appropriate technical and organisational measures in such a manner that the processing will meet the requirements of this Regulation and ensure the protection of the rights of the data subject”.

 

And “When developing, designing, selecting and using applications, services and products that are based on the processing of personal data or process personal data to fulfil their task, producers of the products, services and applications should be encouraged to take into account the right to data protection when developing and designing such products, services and applications and, with regard to the state of the art, to make sure that controllers and processors are able to fulfil their data protection obligations.” 

 

Where does that leave us with our utilisation surveys?

 

In short, your surveys will be GDPR compliant only if your surveys are conducted in such a way that doesn’t allow to distinguishing one particular individual, unless “demonstrable consent” is granted by the data subjects within the clearly define purpose of the study.

GDPR is 200 pages long, but in a nutshell unless the data is pseudonymise at the source or consent is granted by the data subjects, organisations in Europe can no-longer do:

  • Walk-throughs in areas with a 1:1 desk allocation.

  • Single presence sensors in an area with  1:1 desk allocation.

  • Badge data analysis 

 

 

 

 

 

 

 

 

 

 

 

 

This, however is providing a great business boost for the lucky few alternative workplace attendance and utilisation measuring tools that were designed differently and are capturing the data, and/or of pseudonymising it, making it GDPR compliant.


Contact us for more information.

IWMS Consulting
imwsconsulting.com 
contact@iwmsconsulting.com 

 

 

Share on Twitter
Please reload

Featured Posts

I'm busy working on my blog posts. Watch this space!

Please reload

Recent Posts
Please reload

Archive
Please reload

Search By Tags

I'm busy working on my blog posts. Watch this space!

Please reload

Follow Us
  • IWMS Consulting
  • IWMS Consulting