Back

Blogs

Why cyber security matters this Black Friday

View All

Case Studies

Supporting BrainDrip LLC's Entry into the Hydrogen Market

View All

Upcoming Events

Utility Week Awards 2024

View All

Webinars

The Future of Security: Convergence of Physical and Cyber Domain 3/3

View All

Padlocks icons over the top of a person typing on a laptop keyboard | Infosecurity Europe 2023

Thoughts

Newable GDPR Case Study

4th Jun, 2018

The Challenge

Newable work with businesses across the country to unleash their potential, help them grow and build resilience. Their business is comprised of four key areas – Lending, Investing, Advice and Property. A profitable company, with multi-million-pound net assets and operating profits, they are a significant success story with exciting plans for growth and, by extension, the growth of their stakeholders.

Their breadth of services has a significant reach as they have assisted over 7,400 companies increase their exports, provided start-up loans and enterprise support to 1,300 people and businesses and lent around £9m to small businesses.

The size of their operational capabilities means that Newable have a range of different systems and data procedures in place, all of which needed to be aligned with the General Data Protection Regulation (GDPR) against a backdrop of inconsistent existing data protection practices.

The organisation was inundated with emails and scare tactics about GDPR which made the business nervous as to the extent of their requirements. In response to this, Newable engaged with a Data Protection consultancy but found that they were provided with a Gap Analysis lacking in practical recommendations, leaving them unprepared and ill-equipped to implement the necessary changes.

Our Approach

Having been disappointed with the outcomes of the Gap Analysis they had commissioned, Newable were introduced to Gemserv through a GDPR breakfast briefing held at the Gemserv office.

The project was led by Ivana Bartoletti and her first port of call was to de-mystify and encourage a risk-based approach which the business could buy-into and understand at multiple levels. This was a key factor in ensuring that all key project stakeholders were engaged in the project as soon as Gemserv took over.

As awareness and culture change is a key success factor in GDPR transformation programmes, the expert advice, guidance and practical implementation support that Gemserv provided, and continue to provide, to Newable has proved invaluable. Our consultants’ ability to communicate in this way, at all levels, has helped Newable to implement their plans in a GDPR compliant manner.

As a consequence of our approach, the project quickly moved from the identification of gaps and prioritised actions to a position where we were able to identify opportunities to improve engagement with stakeholder groups as well as to develop a culture where Newable felt that they as a business “owned” GDPR compliance rather than feeling that it was something which was simply another tick box exercise.

The Outcome

Gemserv’s passion for the subject matter has enabled Newable to own issues and enabled them to learn and implement their own solutions. They feel that their GDPR programme is progressing smoothly and the team are more comfortable with dealing with the regulation and the challenges that it can bring across the organisation. An example of this collaborative approach is a workshop, run by Gemserv, which looked to explain how the GDPR and ePrivacy work together which enabled the Newable team to feel confident that they are conducting their marketing safely.

Ivana has enabled the Newable GDPR team to meet their deadlines by guiding them through the deliverables, answering all of their questions and simplifying things for the team. This was a significant transformation from when Gemserv first engaged with Newable as there was concern across the business resulting from scaremongering employed by data protection consultants.

Their stakeholder relationships are also flourishing and Newable feel that being ahead of the game has been a big help in this space. Newable are able to effectively question their supply chain as well as being able to answer their own Client’s concerns. This has played a significant role in their ability to build confidence within their industry.

Testimonial

“We really liked Gemserv’s culture when dealing with the GDPR. Ivana managed to bring it down to a human level using a down-to-earth approach, minimising fear. She broke up the project in to manageable chunks and was able to communicate messages and share information effectively. It has been great to work with an organisation that are focussed on us as opposed to the financial aspect of their work and the team have all been positive about their relationship with Gemserv and with Ivana.”

Mike Walsh – CFO, Newable