Home Hero1

The story of CP Data Protection

Fairly new to the world of data protection, I enjoyed the ICO Conference in 2013 (I think it must have been) in the beautiful Grand Hotel in Manchester. As I listened to Christopher Graham, the Information Commissioner at the time, talk in his speech about the upcoming new regulation – the GDPR – he mentioned something that sparked my imagination. The new role of Data Protection Officer, he said, would potentially be filled by one person acting for a number of organisations. While he continued to talk, I suddenly pictured myself doing just that – supporting several businesses to comply with their legal obligations, being helpful, and not getting bored.

But I brought myself back to reality – I couldn’t really do that. I wouldn’t know where to start, and when I returned to the day job, that daydream became a more and more distant image. It seemed impossible to leave the stability of a regular income, especially after the birth of our first child in 2016, and my husband becoming a stay-at-home parent. It worked for us, and still does, but it made the thought of taking the leap to self-employment too scary to contemplate seriously.

My maternity leave ended in February 2017, and I came back to the office keen to get stuck into the preparations for the incoming GDPR that would be enforceable from 25th May 2018. There was a lot to tackle in preparation for the new regulation.

As I got up to speed on GDPR as quickly as I could, several things happened close together, which changed my thinking. Some were positive – I was better organised and more efficient at work than I’d ever been, as wanting to get home on time really kept me focused. We had also found we spent a lot less of our savings during my maternity leave than we had expected to, so we had a bit of a buffer. (Who knew that babies don’t actually cost that much in the first few months, if most of your days are spent walking laps of the park chatting to fellow first-time mums?)

Other events that reframed my work plans weren’t positive at all, in fact they were heartbreaking – the Manchester arena bombing in May 2017 and the fire at Grenfell Tower in June 2017 both claimed the lives of innocent people who could have had no idea what was coming.

With those tragedies causing me to think again about what I really wanted from my work-life, three things spurred me on to think about self-employment again: Tim Turner very kindly gave up an hour to listen to my imposter syndrome fighting with my desire to try consultancy, and he was so generous and encouraging. I met a friend of a friend who was self-employed and when I asked him to help me consider the pros and cons of giving up job security, he simply countered by asking me how long my notice period was. It was just two months, which he pointed out was the length of my job “security” at any given time, compared to him having just signed a six-month contract, and the ability to work for different organisations, which meant more than one income stream.

And finally, I talked to my then-line manager about the GDPR and the need for a Data Protection Officer, only to be told that, while I was needed for GDPR preparations, “they” didn’t want to give me the job of DPO, and have me “swanning around with a clipboard.”

Within days, I had handed in my notice, because – now – the idea of staying put had become more scary and stressful than the thought of trying my hand as a freelance consultant.

I hit the ground running, thanks to the GDPR looming on the horizon, and I was never in the position of having to scramble for work. The downside of “GDPR fever”, was that I ended up making myself unwell, and I spent 25th May 2018, the day the GDPR became enforceable, in bed. Working from my bed, though, because apparently I didn’t want to pay any attention to my health. *sigh*

It’s been 7 years since CP Data Protection was launched into the world, with CP standing for my initials, but also for the “clear & practical” style of advice I strive for. It’s been an emotional rollercoaster, which I’ve mostly loved, but it’s been tough at times – for example I only had a few weeks of maternity leave for my second child, born in 2019 – and I’ve learned some lessons the hard way. But I’m proud that I am still learning every day, and I feel like I am having a positive impact on the world, in my own small way.

The aim now is to keep building on that foundation, and find ways to help more people and organisations (without making myself ill), and the DiSH Membership is an integral part of that plan. Watch this space!

Clare Email Sig