CRM Systems and the Data Protection Act

The purpose of this article is to address some of the issues surrounding CRM systems in relation to the Data Protection Act.

Introduced in 1998, the Data Protection Act governs the collection, storage and processing of ‘personal' data. We will now go on to explain how this relates to hosted CRM systems.

Defining ‘Personal' data in CRM systems

It is important to remember that the Data Protection Act relates to ‘personal' data concerning an individual, so data regarding a company does not come under this jurisdiction.

In reality, the whole essence of good CRM systems are that they enable businesses to use personal information about their customers in order to improve their levels of service and their sales and marketing efforts. It is vital, therefore, that businesses are in compliance with the act when obtaining, storing and using data in CRM systems.

Obtaining Data for CRM systems

When obtaining data for use in, companies must be able to provide information about the identity of the holder of the data, and the purpose for which the data is intended to be used.

These stated intentions will limit the data to the purposes outlined. For example, if a company obtains data by telling them that it will be used to process an order then this is the only purpose it can be used for. This information cannot be used, for example, in marketing communications.

Storage of Data for CRM systems

Organisations have a responsibility to ensure that all data they have stored in CRM systems is safe, secure and fit for purpose. Data cannot be held for longer than is necessary and usually there is an obligation for organisations to review data periodically in order to ensure it is up to date. In most cases, it is forbidden to transfer data outside the European Economic Area, which may have implications for businesses with a subsidiary outside of Europe.

Lawful Data Use in CRM systems

Once the data has been obtained, there are several conditions on its use, which must be adhered to. The most important of these, in relation to CRM systems is that the individual has consented for the data to be used. This consent can be implied, for example if the individual has simply sent back a form without selecting the box that says ‘If you do not want to receive further information, click here.' If consent cannot be implied, then it may be possible to use data on the condition that it is necessary to perform a contract, or enter into a contract.

This article was brought to you by Genesis Communications, who provide Microsoft Dynamics CRM 4 to SMEs across the U.K. To find out more visit http://www.genesis.co.uk/crm4

Genesis Communications Ltd is an Independent provider of multiple business mobile solutions, including Hosted IT Services, vehicle and asset tracking, mobile voice and data, fixed line and broadband, with over 10 years experience in the SME market.

Article Source: ArticlesBase.com