EDM first charity data specialist to pass new DMA data audit
EDM Media UK is one of the first organisations to successfully pass the DMA's stringent new data audit, a new standard for best practice.
Areas covered include when and where data was collected, consent, opt-in statements and privacy policies, security, TPS, MPS and FPS screening procedures and other suppression processes.
With charities and data companies facing scrutiny over their use of personal data, and the GDPR coming in next May, it provides a valuable extra assurance that an audited data business acts responsibly and is committed to the very best practice.
Suzanne Lewis, Managing Director of EDM Media UK comments:
"Data protection compliance covers a vast number of areas and intricacies, it can be difficult for charities to achieve fully without help from data experts. The upcoming GDPR makes getting it right ever more imperative.
"The DMA's audit is a rigorous process and passing it means our partners and clients can have complete confidence in our standards and our ability to help them with their own data compliance. We are delighted to be one of the very first data businesses to receive this accreditation."
Introduced to ensure the highest operational and compliance standards among data businesses, the audit applies specifically to the buying and management of data. The DMA first piloted the audit in 2016, fully rolling it out this year with DMA members that buy and sell data now required to undergo the audit as their membership comes up for renewal.
It is an update to the DMA's existing compliance process that all members must go through to ensure that their practices are in line with the DMA Code. Timing-wise, it lasts for three years or until significant change occurs within an audited business.
DMA Code compliance already requires an extra level of best practice on top of all legal requirements. This means that any data business that passes this new audit has put its policies and processes under the greatest possible scrutiny and is therefore thoroughly compliant with both the Code and all data protection regulations. As such, it provides exactly the assurance organisations should be looking for when seeking a partner to help them with their own compliance.