Five Ways GDPR Will Immediately Impact The Business of Your Association

Over time, associations have created all sorts of data and that data has been processed, communicated and stored over all sorts of hardware, networks and technology infrastructure. With GDPR on the horizon, the following five points identify new processes and strategies that need to be in place prior to May 25, 2018.


Any breach will need to be disclosed.

Data controllers that experience a breach of personal data privacy will need to report it almost immediately and may also have to notify individuals affected.


Erasure becomes a universal right.

Sometimes known under its previous, expanded iteration as “the right to be forgotten”, this allows individuals to request personal data related to them is deleted.


Consent needs to be explicit.

Citizens will be able to ask tough questions about what is happening with data held on them. This applies to “data controllers” (organizations collecting personal data, for example a retailer, researcher or public-sector agency) and “data processors” (the outfits that process the data on behalf of data controllers, for example cloud service providers).


Systems and internal processes will need to be retooled.

Organizations will need to show that they have built in privacy to workflows and processes – for example by scrambling identity information as it is input to a system – in an approach sometimes known as Privacy by Design.


You will need a go-to person.

Specifically, organizations of significant size will need to appoint a specialist Data Protection Officer (DPO) who monitors internal compliance. Depending on the size and type of the organization, this person could be a part-time consultant.

Think of GDPR as a spring cleaning even if it has been a long time since you last examined your data assets. Every organization needs a full audit which will help prepare for the GDPR and empower their staff with valuable knowledge. 

Getting Started with Your GDPR Checklist of To-Do Items

  1. Perform a personal Data Audit
  2. Create a per-data-subject list of relevant processes
  3. Document Consent or Lawful Usage
  4. Configure your AMS to capture and document GDPR Processes
  5. Implement an ongoing process for the first points to be periodically reviewed and updated in your AMS
  6. Define the process for data-subject requests
  7. Establish an internal notification/change process

And from Impexium…We’re here to help. Our industry-leading Association Management Solution (AMS) powers the association industry’s most forward-thinking and innovative organizations. We look forward to working together to make your organization’s GDPR journey a successful one.

Related Blogs

Technology Tips for Associations

Technology Tips for Associations

Technology may be ever-changing, but one thing that remains constant is its importance, in terms of marketing to and connecting...
What Do You Mean When You Say Integration?

What Do You Mean When You Say Integration?

Integration is a word we hear a lot when discussing association websites. To clear any confusion, we broke down the...
Thinking About a New AMS? 10 Common Myths Debunked.

Association Executives Share Their Technology Expectations

What association executives look for from their technology: system efficiency improves productivity and predictability.
What You Need to Know About General Data Protection Regulation

What You Need to Know About General Data Protection Regulation

The EU passed the world's strongest law aimed at strengthening citizen's fundamental rights: data protection. Here's what you need to...


  • “I found Impexium to be more modern, more sophisticated, more user friendly, more intuitive.”

    Jeff Sventek AsMA
    Jeff Sventek
    Executive Director at AsMA
  • “You have to have a support team that communicates clearly, is a good listener, is patient and can really handle the problem solving…I have been really pleased with Impexium’s support. They are on-top-of things responsive…I know they will stick with me until we figure it out.”

    Kelly Webb FCLB
    Kelly Webb
    PR & Pace Coordinator at FCLB
  • “…very excited because of the possibilities that I see for NADA moving forward, the ability to give our executives the information, any intelligence that they need in order to help our members better…the ability to simplify the whole application ecosystem, removing unbelievable complexity and bringing simplicity to the application.”

    Rafael Maldonado NADA
    Rafael Maldonado
    Former CIO at NADA
  • “We wanted a partner that would grow with us and one that could innovate with us. Impexium checked all those boxes. They took us from outdated to automated.”

    Laurie Bollig CoSIDA
    Laurie Bollig
    Director of Membership Engagement at CoSIDA
  • “…Impexium has allowed us to significantly improve our processes and procedures. We’ve automated quite a lot with Impexium and removed a number of manual processes that we had before. And staff are very happy about that.”

    Impexium RAPS Case Study
    Wendy Sahli
    Technology at RAPS
  • “I like the fact that by using Impexium versus our previous system, we will be able to reduce staff’s workload. As a result, NAADAC’s staff will be happy, feel more capable and competent…in serving our members.”

    Cynthia Moreno Tuohy NAADAC
    Cynthia Moreno Tuohy
    Executive Director at NAADAC

Let's See If Impexium Is The Right Fit For Your Organization!

Trade associations, professional societies, and non-profits of all sizes have transformed their businesses and exceeded member expectations with Impexium’s membership management software. Request a personalized demo today.