When we talk about personal data and data protection, most people immediately think of GDPR. Everyone knows what it is and what it is for, but few know how to properly comply with the guidelines.
We could compare this whole issue to a car, for example. Everyone knows what it is for, but far fewer people understand how the individual parts work in it. Which is perhaps not a bad thing, since this is a separate profession, and car mechanics will fix it if something goes wrong. If we don't understand something about GDPR and data management, we can ask an expert, we can read up on the appropriate forums. The point is that in the case of GDPR, it's not about knowing the text of the regulation by heart and word for word, just as we don't need to know exactly and in detail how the engine works in order to drive a car.
The question of driving a car is of course a completely different matter and more relevant in our case. In theory, even a five-year-old knows how to drive a car, but without the proper basics (traffic rules, routine), it quickly becomes clear that it's not just about pressing the gas to accelerate, pressing the brake to brake, and turning the steering wheel in the meantime, but it's not that simple.
Why did we bring up the car and driving as an analogy? If someone does not know the most important basics about driving, it can easily end in trouble, which can cause serious damage not only to the driver, but also to those around them. We must realize that anyone who drives a car also has a responsibility.
Everyone could say that they are not lawyers, that this is not their area of expertise, even in relation to GDPR. Now, this is just as valid as telling the police that you are not professional drivers, taxi drivers or racing drivers when you are speeding. You can always try, but the result is predictable.
It's important to recognize, whether we like it or not, that we all handle personal data all the time. At work and in our private lives, when we go on Facebook, when we give someone their phone number, when we write someone's name on a note. For all of these reasons, it's a good idea to be aware of the rules that apply to this data.
It's like the Road Traffic Act. Is it a pain to learn? Yes. Is it a pain to follow? Often, yes. Can it cause trouble if we don't follow it? Unfortunately, yes. That's why it's worth adopting the same attitude when handling data. We simply need to learn the necessary basics, then after some practice, we need to be able to put them into practice, and then act accordingly to ensure that everyone's data is safe.
We can probably agree that the protection and security of personal data is a very important and sensitive area. None of us would like it to fall into the wrong hands, just as we would not want to encounter a driver on the road who is completely unaware of the rules.