Leading HealthTech Data Privacy Pro, Hayley Jaffrey, is living proof that you can change your career and live a life of abundance.
Hayley explains why it’s so important to go beyond passing an exam and really Earn Your Stripes to achieve success as a PrivacyPro by implementing her proven SKATE formula.
She reveals how the work in Data Privacy contributes to the greater good and has a positive impact on society, resulting in a meaningful, rewarding and respectable career.
Hayley shares her top tips for anyone thinking about Upleveling their Data Privacy career and setting up a Consultancy in the Data Privacy sector.
If you want to make it as a successful Privacy Pro and take your career to a new level - You can't afford to miss out on this episode!
Connect with Jamal on LinkedIn here: https://www.linkedin.com/in/kmjahmed/
Connect with Hayley on LinkedIn here: https://www.linkedin.com/in/hayley-jaffrey-cipp-e-cipm-fip-98544010/
Apply to join here whilst it's still free: https://www.facebook.com/groups/privacypro
Hello everyone and welcome to another episode of the Privacy Pros Academy Podcast, my name is Jamila, and I'm a Data Privacy Analyst at Kazient Privacy Experts. I'm primarily responsible for conducting research on current and upcoming legislation as well as key developments and decisions by supervisory authorities, my co-host today is Jamal Ahmed, who is a Fellow of Information Privacy and CEO of Kazient Privacy Experts. He's a leading Global Privacy Professional, World Class Trainer and Lead Mentor at the Privacy Pros Academy.
Hi everyone, I'm really excited to speak to our lovely guest Hayley, Jamila, why don't you tell us more about our guest.
Thank you, Jamal. Our guest today is Hayley Jaffrey, she is a DPO and Privacy Consultant at The Quality Atlas Limited. She is an IAPP Fellow with a Post Grad in Data Protection Law and Info governance, she has a specialism in health tech clinical research and studies, Big Pharma and healthcare. Prior to working in privacy she enjoyed a 15 year career in senior quality compliance and governance roles, Haley is a Lean Six Sigma Black Belt certified RCA leader and instructor and an ISO management representative. Wow, That's an amazing bio Haley. Thank you for joining us today.
Thank you for having me.
So glad to have you today and as you may have listened to our previous podcasts before we always start off with an icebreaker question, and the icebreaker for you today is if you could be any animal, what would it be and why,
Oh that's a good one. I would be a dog in a really nice family, like my dog is in our family, that gets lots of attention, good food, and is generally treated like a recurring
thing that's the ideal really Yeah, I would probably agree with you on that
one. Yeah, is there any particular breed you'd be Haley,
an Irish Terrier, that's what I have her name is Gino, and she's just a great dog, really easy dog although terriers generally can be a little bit sort of tenacious. Yeah, and dogged, but no she's actually really easy but they're a great breed.
Fantastic. Hayley you mentioned you're in Health Tech, and with the pandemic and everything going on. How's that been over the last couple of months,
Very busy actually very busy indeed. So with the pandemic, many organisations in the Health Tech, health care and clinical research space are having to look at alternatives to continue to do the work that they do, and support patients and progress with clinical trials and studies that help the public at large, that they're looking at innovative ways of doing that, which generally involves are sort of innovative technologies, a lot of data sharing and sort of really just looking at new ways of working, which has an impact on how data is processed and handled for a lot of organisations that are in unchartered territory, and therefore need to get some advice around that, you then, couple in Brexit and the challenges that EU organisations are previously EU organisations in the UK, how they're having to deal with things, and then you know the Schrems II, to the Privacy Shield and validation, everyone is in bed with US cloud providers and certain countries in the EU particularly involved in digital health care are taking a really hard line about not using us cloud providers, and there isn't really any other solutions going around viable solutions going around so that sort of posed quite a problem for those organisations who've got integrity at the heart of what they do and they want to do the right thing and you know they're patient centric and therefore understand confidentiality, understand the protection of data, they're looking for guidance. So knowing that, in answer to your question, really busy, lots of new privacy conundrums where you're trying to figure out the best solution that enables a business to do what they need to do, but still stay within the parameters of what's the right thing to do legally and ethically. It's a lot of fun. I really, I love what I do I'm very, very fortunate that I love what I do and I like the generally like the people that I work with as well but I think you make those choices when you've got your own gig going on which is nice.
That's super positive and amazing to hear, and we love speaking to Privacy Professionals that are passionate about what they do, and that love what they do, and it's impossible to do something, when you have to force yourself out of bed and that's definitely not a way to be living life so I'm super happy when I speak to people that are really passionate. That's awesome. It's really interesting how you have so many different challenges, it's such a short space of time that you have too manage companies providing patient care during times like this, it must be a very challenging environment for you. How do you cope?
I don't take myself massively seriously got a very good sense of humour, I'd like to inject a little bit of fun in what we do, contextually as well. I don't know I'm actually, I've got nice lovely family and friends and I think at the moment actually I had this conversation yesterday with a lawyer colleague of mine, and it's not the first time I've had this conversation is right now in the pandemic we're all working at home, and our work life balance is not as defined as it was pre pandemic when we were, you know, we had travel time to go to the office, you finished at a specific time you were going home then. And essentially, for the most part that was your downtime, there isn't really that sort of demarcation as much now.
I had a call, just before this actually with our client and they're like the only time I've got free is like tomorrow night. That's Friday night that's not gonna work is it and I'm like, well, I'm not doing anything else. So, at this point in time, I don't mind as much and because I enjoy what I do, but we will get to a point in the future where it will be like you guys I kind of need to get my work life balance back but you know I'm going to have social engagements, hopefully, and be able to go out and do things, but it's enjoyable, what I do I make choices about what I want to do when I want to do it. I'm fortunate that I can do that as well. Generally, I kind of just cope with it I talk to colleagues, I get coached by colleagues and by friends and people that I respect I ask for help when I need it. I'm not shy to do that at all. We're continually learning, and quite a lot of what we do is open to interpretation. So it's quite nice to have a really decent community, the data protection community is fantastic. I'm fortunate that I've got lovely friends and they're really supportive and informative, as well, really great peers. And if I'm struggling with something, or challenge. I can reach out and, you know, there's no judgement, there's no superiority, and it's just super helpful and that helps enormously
Wow your passion really comes through, I think it will really encourage people who are thinking about a career in data privacy because it sounds great, what you've been saying, but what first sparked your interest in data privacy?
quite an interesting journey where how I got here a little bit serendipitous actually, but I'm 50, next year and I didn't go to university. So I started working very young, I had like my first job at like 13 or something in a shoe shop, funnily enough, and have worked consistently, all that time, dipped my toe in a few things you know when I was growing up, when I was in my 20s I worked for Barclays stockbrokers, that involved a lot of knowledge or good knowledge basic knowledge of data protection because financial records etc and you're dealing with a lot of personal information and not so I had an, a knowledge and an understanding of it then.
I then went into an investment house as an auditor and that again you needed to have a good understanding of that because you were auditing against standards and laws and regulations, etc. And then from there I actually went to the NHS and worked for NHS times four for several years, which is our out of hours, health care provider, similar to NHS direct in England. And again, health information, you have to understand what data protection and information governance entails. So I always had that sort of very basic interest but not hugely interested, and then I enjoyed a really good career in quality compliance and governance, three, four years ago, I met a friend for coffee, and she said, Oh, I'm going to do this. I'm going on a training course it's a SIFI training course for GDPR and I said, I've heard a bit about that, what's that all about, and she said oh it's new data protection and I said oh I understand a little bit about data protection, she goes my colleague can't go on the course, there's a free space if you want it.
And I thought, okay, yeah, why not. And I thought I was setting up my own company anyway to do the quality and the governance consultancy and I thought I'd show the plan, and see what that's all about so I went and it was brilliant. It was just so interesting, the Human Rights element the other legislation, you got taught about the sort of structure of the European Union, really, really interesting and I thought I just really enjoyed it, and it was Christie Goldsmith, who was the teacher. And I also met someone that's become like an amazing friend of mine now as well Amanda Williams, and Mark Evans as well so that you know it was like the infancy of my proper privacy career. So I did the course, and I loved it so much I enjoyed the studying for the first time in my life, I enjoyed studying did the CIPP/E passed it and thought actually this is what I want to do.Hayley:
I had 20 years of doing governance and quality and thought actually this would be a really good point. I've got about another 25 years you know hopefully working, why don't I do a career change and do something that actually really interests me now so it was just like I said serendipitous and it just went from there. I took the leap with the Limited Company and decided, I'm actually going to give it a chance with Privacy. Fortunate, I had a decent network, and what I did was I offered companies and people in my network, free GDPR awareness training based on the limited knowledge that I had, it came with that caveat look I'm learning this at the same time and assessments because I'd been an auditor assessments of their data processing activities, what they needed to put in place to comply with the principles, and it just went from there. So they were like well if you're gonna come in that and you're gonna do it for free and we need somebody to actually help us put these things in place, we'll pay for that, and that's how it worked and within two years I had like 55 clients ranging from really small businesses to large multinationals, mostly up here in Aberdeen.Hayley:
And then the GDPR shock came and went to 25th amazed, then there was this massive anti climax, and I had a pipe plan and they were like well yeah nothing happened look nobody died. We can eat. We can wait, that's actually now, not an investment that we need to meet. I thought, Well, I still have to earn, I still want to do this I've invested a lot in my knowledge. So I said started looking for contract work, and then I got GSK, and that was the first contract gig that I actually worked for and I worked there for a year, and that was actually my introduction into healthcare and pharmacy, so that was quite a long answer wasn't it.Jamilla:
It was a very interesting answer.Hayley:
Yeah it was brilliant because you're basically complementing what all of our previous guests have said is, it doesn't matter what your background is, you can bring all of those things and make it a success and make it your greatest asset when it comes to the data privacy industry, and you took your auditing background that focused on quality, focused on making sure companies are doing what they're supposed to doing laying the different legislations, and you brought all that along, and you've been brilliant. And then you manage to sort yourself not just a career but an actual business where you make up your own mind, about when you work, how you work, who you work with, how much you charge, and enjoy all the benefits that come along with it so it's really inspiring to hear the answer. Thank you,Jamilla:
thank you, and your passion really is just coming through with all the answers that you've been giving, but what is it that you love most about working in data privacy,Hayley:
I used to admire maybe it slightly envious of have those who were in vocational careers, it meant a lot to them and that they were making a difference, and a difference to people as opposed to like an organization's bottom line. And some of my family are nurses, I know lawyers and accountants and police and the armed services, and you know they've got they have a passion for what they do and they believe that they're contributing to something that is good. I feel that way about privacy, I mean we're all data subjects. We are members of staff we are patients or consumers, it's vitally important. The work I do actually helps other people and means that they're a high degree of integrity, and just ethical value and model value in what we've done, you know there's a letter of the law, but it's just generally about doing the right thing.Hayley:
I actually worked for General Electric for almost eight years, on and off, they've got, they have like a really great value system, and that kind of gets entrenched into your thinking, you know, it becomes part of your DNA the DC about GE G's got the logo, the GE logo, it's kind of quite curly and the circle and they call that the meatball for some reason, and they do say that you know if you've worked in GE for long enough, they can cut you in half and find a meatball, because it becomes entrenched in your ways of working so they haven't split it, they had integrity in there, and that kind of migrates through and permeates into your way of thinking, I've always taken that with me. So this part of doing the right thing with people's information, and certainly in the healthcare space where I work is just so vitally important. You don't want to be on the front page of a paper and you don't want your business to go down the Swanee because you've done something wrong, I mean we've all seen it, but it's just instilling upon people just do the right thing. And by doing that, I feel, although it may be signs a little bit tweak that I am actually contributing to society if you like, in what I do around the integrity and the order of doing things a certain way, the right way, hopefully, and encouraging others to do the same.Hayley:
Yeah I mean I completely resonate with what you're saying and I absolutely agree, and in fact we set up an arm of the business called the Amanah project and Amanah is an Arabic word which means trust, and what we're saying is when you're handling people's personal data when you're collecting their personal data, you're actually collecting people's trust, and regardless of what the law says regardless of where the privacy laws say in different countries, where you're working with either the donors or beneficiaries or any individual, you have to protect that trust in a way that actually empowers and benefits the person's personal data that you're holding so, and I completely resonate with what you're saying it makes absolute sense.Hayley:
So they said, What do you stand for. And I endeavour to always stand for doing the right thing.Jamal:
Really good message. Thank you. So, you're in the healthcare field at the moment. What is one common myth about the Data Privacy Profession in the healthcare field that you want to debunk.Hayley:
It's not just in the healthcare field. It's in every field to be honest, is that privacy is the death of innovation. No, we can't do what we want to do because of GDPR, and it's like, well, no, that's not the case at all. And also that consent is the only legal basis as well that's the other one, so yeah I spend quite a lot of time having conversations, actually, particularly in the healthcare space about the difference between informed consent and GDPR consent, two entirely different things. And that's common confusion, in there that the informed consent is a medical legal requirement, and if I remember correctly, it definitely is underpinned by the Human Rights Act, as well but the Declaration of Helsinki, also the convention I believe that it is linked to as well. And that is, somebody is consenting to participate in a study or a trial, etc. So, there's that part of it and that's always required, but the processing of the personal data from that trial or study requires a legal basis under GDPR, and it isn't, and shouldn't be consent because you think you need all that trial data, if someone actually withdraws their consent, then your trial metrics and all of the data that you've got there will be skewed.Hayley:
So but it's about doing the right thing when you don't use consent if you're using, say for instance legitimate interest and I continually see it okay this is a great legal basis. But with that comes responsibility around our balancing our necessity, the proportionality and it's taking that organisations to do that. And when you have conversations with them and they've got that sort of preconceived idea that they can't do this because of GDPR and they can't do that, that you go well actually no, you can. And I think that's quite good from my background so Lean Six Sigma black belt as well, is finding pragmatic reasonable ways of working, that achieve your result, but still keep the integrity in what you're meant to do, legally, morally, ethically, etc, and engaging with clients to compel them around that as well. Now generally speaking, most of my clients will go, actually. Yeah, okay, we will take that, but occasionally you know it can be completely justifiable that they would say, No, we're actually going to do what we wanted to do in the first place, and you're like well that's fine I mean I'm here in an advisory capacity, and there's only so much influence and control that you can have of a business that wants or needs to make money a certain way.Jamilla:
Thank you, I mean that was just listening I was absorbing everything Wow. Definitely, yeah I was really, just intrigued with what you were saying about informed consent and GDPR consent because it's something I've been working on doing interviews as part of my PhD research at the moment I found that very interesting, thank you.Jamilla:
so, what would you say has been your biggest failure or obstacle that you had to overcome in your career and what did you learn from it and how did you overcome it.Hayley:
I wouldn't say I've overcome it, I say I'm mindful of it, and I talk to myself quite a bit about it as well, is actually getting quite emotionally invested in doing the right thing, I guess, the best way of describing it yeah I don't always want to fall on my Model Sword, put it like that, you know, it's very much about doing the right thing and integrity and trust etc you know as Jamal said, but there's some times, it's outside of my control about the decisions that organisations and individuals make about doing things, and I might not agree with it, I do need to work on my non verbals. Because if I'm not happy about something you can generally tell from my and I don't have different personas at work or personally either.Hayley:
And I was actually once called with a US colleague was describing me to another US colleague, and they said, Oh yeah, it's that blonde Scottish girl with Tourette's, which I because I just say what I've got to say, and sometimes I go, well, that was maybe a bit harsh. Maybe that wasn't the best thing to say and I do get myself in trouble around that I know that. So that is actually one of my areas of development, shall we say, but it's a continual work in progress, and on the best endeavours basis I think that's my hurdles generally is, I have to sometimes not get so excitable and be a little bit more amenable, I think. And less emotional when I'm trying to make my point I do get told sometimes I'm a wee bit intimidating, and a wee bit aggressive just because I'm sort of quite passionate about seeing things, but I've got some really great colleagues, and great people around me that will sort of go yeah turn it down as much really.Hayley:
Or I'll learn from them, or actually see the way you handled that you were so gracious, so classy, really informative you've got your point across, and that you didn't basically have to go handbags at 50 pieces. I learned a lesson from you there. Thank you very much, and I actually just did that last week. So, yes, I'm not awesome at everything, I'm not awesome about quite a lot of things, and I have areas of development, but I'm pretty self aware around it. Normally after the fact right enough but doing the best that I can.Hayley:
Thank you for such an honest answer. I'm sure it's going to be really eye opening for a lot of people. It's one of the things that we really like to teach people through the academy when they're first coming into Data Privacy is 50% is about the technical stuff, the other 50% is about stakeholder management, how you have those communications, how you investigate and get the right amount of data, and when you come in as a consultant, doesn't necessarily mean that everyone knows you or trust you, or wants to be forthcoming with the information, sometimes people might be thinking how is this gonna impact my end of year review I've told my manager something and now you want to tell me that what I told them was incorrect. I don't want to be the person looking bad. And a lot of it is sometimes unravelling people that they might not know to be true, or that they might not believe to be true, and just letting everyone know that it's okay. And the most important thing is, even when you disagree with something we still have to come in with the belief that everyone's doing the best they can with the knowledge and resources available to them. And my moral compass and your moral compass and our ethical integrity compass, they might not always be on the same line, but we know where the boundaries are because then it falls back to what does the actual law say about it. And that's one of the elements of the mindset stuff that we teach to all of our students in the academy, so thank you for sharing your experience with that,Hayley:
it's funny what you say there I've got a weird phrase that I see quite a lot around my opinion and somebody else's opinion, and I hear quite a lot you know common sense and I always say, common sense is a flower that doesn't go in everyone's garden. That's stood me in quite good stead, I have to say, I think we've always got parts of us that we know that we can do better with, I'm never ever ashamed to say sorry at all if I've done something wrong, or even sometimes if it's just like the politically correct thing to do is to concede, because my need to be right, isn't part of my, yeah, that's I correct myself quite a lot around that.Jamal:
Alright, let's move on to what are you most proud of Hayley.Hayley:
My business actually, and just where I'm at at the moment. i invested a lot in myself over, not just me shoes, I invested a lot in my learning, pride of my qualifications and proud of the clients that I have had and still do have. I'm incredibly grateful for everything that I've got, the joys that and abundances that I have in my life, there's a lot to choose to be grateful. I choose to have that attitude I focus very much on gratitude, and I think better things happen when you do that as well as a positive mindset, but I'm mindful of the pride element I'd say I'm more grateful. I'm just grateful for what I've got for the work that I do that I enjoy it. I've got a peer group that I really respect and that I really like, I've got you know the roof over my head, the clothes on my back all of that sort of thing I've got this business and like you said earlier, where I can choose, I can choose what I want to do. And yeah, it takes work, it takes effort, there's battle scars to prove it, but generally speaking, life's awesome.Jamilla:
yeah, I want to pick up on one, a couple of things you mentioned there Haley so the most important thing I want to pick up on so you just mentioned how, I asked you what are you most proud of you said I'm really proud of the investment that I've made in myself, the qualification that I've earned, the trainings I have been on, it's really helped me to have this life of abundance. Now there are a lot of people listening and there are a lot of people on LinkedIn and other places who are thinking about a career in data privacy, or they want to move on to a meaningful career they've heard this pays a lot of money, and they have this belief right now where they think that they can open a book and learn how to pass an exam, and they will be as successful as you or somebody else when it comes to data privacy. What's your message to those individuals.Hayley:
Careful what you wish for. There's a lot of resilience that is required in this gig, and I mean, I don't consider myself an expert at all, because every day's a school day and you know there's too much change and different interpretations, etc, in there, I do invest a lot of time in reading and researching, there's new cases coming out all the time. It's not just about the qualification, it's about the work that you put in, it's about the investment of your time and your effort, it's about the investment of engaging with clients, it's also about the investment of actually doing things not getting paid for it, that you do have to earn your stripes along the way.Hayley:
There was a lot of people in the early days of GDPR that you know, unfortunately they get called sneak Eilers do you know that they were in there and they were telling everybody, you know, you will get fined 20 million euros if you don't do X, Y and Z and if you pay me 20,000 pounds I will make sure that that never happens, and you lose credibility if you're using scare mongering tactics to get to compel people or sell people actually in that regard your wares. So for those that want to proceed in this career, I think that there's a mindset or mentality, and an ethos that is needed to do this and do it well, and I've preached on that earlier sorry, pardon the pun, and on the beach but I touched on that earlier, you know your level of integrity, your level of trust, and how much you're prepared to invest in doing the right thing, because you'll never get anybody else to pay you to help them to do that if you can't do it yourself.Hayley:
The investment of time to learn to let go of your ego quite a bit, and learn because I still daily have imposter syndrome, when I'm engaged with other with clients and with other peers and with lawyers, etc, because I think oh god do I actually really know what I'm doing. Oh, I feel like I'm really uncomfortable at the moment, but being honest about, I'm here to learn. Everybody's here to learn, every day's a school day my granddad used to say to me that all the time. If you want to be in a queue like this. Work hard. Don't be an ass, be cool, work hard, and remember that it's not about you it's about other people.Hayley:
Awesome, a certificate is just that it's a piece of paper at the end of the day, there's a lot of chatter in the privacy community about IAPPP qualifications. Some people not appreciating them at all. I can understand that as well, because it's part of a holistic competence, so I always use the acronym SKATE for competence, so you're skilled, knowledgeable, aware of your own abilities and the abilities that you don't have, trained, and you've got experience, over time.Hayley:
Now the change is just one part of it and knowing what I knew in the time that I've been doing this, I think I'm getting there, for sure, but I've got so much more to learn. So that certificate actually really doesn't mean that much. And I've met so many people that went to do the course, it got the CIPPE qualification and really know jam all about the practical application of GDPR, Data Protection Act 2018, PECR and actually any other legislation that is relevant to it as well. So it's time served just like being an apprentice, essentially, and you got to do quite a bit of grunt work to get there, your certificate is just part of the journey.Hayley:
Thank you for sharing those tips and it is very interesting how some people think the IAPP qualifications are absolutely paramount and other people say well it's a multiple choice question. And I think when you meet people who are asking some very strange questions yet they have all these credentials that they display you really think, really.Hayley:
Yeah, I mean I'm not going to bite the hand that feeds me, put it like that. I got my qualifications I invested in those qualifications, I'm proud of those qualifications, I know that there are people that are not okay with them, generally speaking, and I understand that because they're generally speaking about those that just get the certificate and think they can do the job, and it's everything else that comes along with that, that they're not getting and that does devalue those qualifications sometimes and it's just being aware of that part. Again you know like how we're pitching it this is not the panacea, getting your CIPPE qualification is not going to basically mean that you're gonna get 500 pounds a day doing what you do, you might get it for a couple of gigs but then they rumble you that you don't know what you're doing. So there's that side of things, but it's an industry recognised certificate, so you can fight against it but in the absence of there being anything else of merit, then, you know, what's the point and bleating about it, like I say I'm not going to bite the hand that feeds me I've done very very well having my qualifications, and I'm proud of being a fellow as well because that's demarked me a little bit more.Hayley:
I did my post grad at Northumbria University because I wanted to add to it, but what I will say is I did the postcard and that was a year, nobody cares. Actually nobody asks for that qualification, because when I go like to bid for work etc. It's the IAPP qualifications that are the ones that are recognised, and that's just the way it is.Hayley:
Absolutely and I completely echo everything you said, I'm very proud of the investments I made in my IAPPP qualifications and I was really pleased to be awarded the Fellow of Information Privacy as well, and it has really helped me in my career and it does help us differentiate ourselves from some other people, so I really am grateful and I really appreciate those certifications as well. And I think people that decide not to really invest in the other trainings and the experiences and the extra wide learning are probably doing a disservice to everyone else who's actually put in that time and effort and energy, who really earned those stripes.Hayley:
Yeah definitely, definitely. All right,Jamilla:
So your LinkedIn mentioned that you are the creator of the Data Atlas method, the QS Atlas method and the Quality Atlas programme could you tell us a little bit more about thoseHayley:
So this was pre privacy, actually, you remember I told you earlier on when I was just setting up my limited company, and I was going to go freelance and consulting, I've set up for many different organisations their quality management system so basically procedures forms, templates, etc, all of the tools underlaid by ISO requirements essentially as certifications, about the way you work. But it also enables, those processes, enable businesses to do things in a repeatable and therefore more efficient and controlled way. So as well as sort of cutting out some waste in terms of unnecessary working activities, you're then documenting the way that you want people to work so that essentially all of that comes together to form a quality management system, and there's many other things that go around that are the terms of governance around change control, and there's management oversight, management review, metrics, KPIs, everything that basically documents the way that you work and that you're doing it the right way.Hayley:
Funnily enough, and I've gone in and built QMS for organisations, different organisations and I just had this methodology that which was the way that I worked, so I decided that I would document the way that I worked, essentially, and trademarked it and marketed it as a methodology for helping businesses with their QMS, and to also meet ISO 9001 and all the different ISO requirements as well that it would help them have that in place, and yeah so I trademarked it.Hayley:
So the QMS Atlas is that methodology, and then I also added in the Quality Atlas, which has got some other elements to it and that is the name of my business as well, and the Data Atlas again was my methodology for helping people and organisations get GDPR compliant there was just a certain way of working and questionnaires and checklists and things like that so I trademarked it. And the idea was that that would then be a certain repeatable product that you could then sell but then I fell out of love with that idea because I saw that there was other people that were doing it and I felt like I like doing the work actually. So, I decided not to do our product offering, and to actually do a service offering.Hayley:
So that's what those trademarks are.Jamilla:
I'm not sure if you had a chance to read the new study, but there's been a proposal coming from Australia, about how we record sexual consent by an app, have you read the story?Hayley:
You tell meJamal:
Somebody in Australia has suggested that we have an app and the app is used to register sexual consent so that if somebody wants toHayley:
To have sex?Jamal:
Yes to consent to it, you have to use an app to record it, butHayley:
Thoroughly, thoroughly utterly ridiculous, it's like, oh, there's an app for that. That'sHayley:
Passion killer. But, no, that's just daftHayley:
You know what it is,Hayley:
What there needs to be, is that people just are nicer, and there are actually live by model codes and rules and don't do horrible things to people.Jamal:
Absolutely. Okay, final question for you. What are your top tips for Privacy Professionals who really want to take the career to the next level, and maybe set up a consultancy like yours,Hayley:
That'd be they're trained and they're already working for a company, and that they want to, like, be their own boss. Yeah, there's a couple of people that have done that fairly recently and I think but in certain industries, there's been a necessity to do that, because unfortunately within the pandemic in certain industries the first people to go was like DPOS and quality people because they are deemed to be surplus to requirements when they're actually your safety net.Hayley:
But I try to think of what I did, around that, I mean networking is massive and that networking was like a really big deal for me back in the day where you could go places and things. I went to some Data Protection World Forum that was on in London for a couple of years went there, introduced myself to other Privacy experts in the communities are well respected Privacy Professionals in the community.Hayley:
The training side of things, of course, is there having that I got a website, and then just started. I did a fair amount on LinkedIn, sort of, commenting on opinion pieces and articles and other people's posts, and then posting some of my own, in there as well. So it's just about increasing your profile, but doing it in a way that you're not overselling yourself, and that people aren't going to kind of typically British people as well like "who does she think she is? Look at her?" you know, still having that element of being gracious and humble.Hayley:
Being confident in what it is that you want to do, hopefully, in the not too distant future, we will get into sort of more the social side of our community as well and going to conferences, and I got the opportunity to be part panel member, and speaker at some events as well, that sort of increases your profile and your credibility and that then kind of gets you known.Hayley:
Use your network, see if there's a market there, don't take a leap necessarily, if you don't have to, see if there's a market there. If you have a specialism in Privacy in a certain sector that helps actually because there's certain sectors that are doing really well at the moment. Don't overextend yourself unless you're comfortable with that, and just, you know, I got advice from Business Gateway, an elevator around the setting up of my business as well they actually ended up giving me work which is quite nice. I got a Virgin Business Loan. When I started out to help me get my office equipment, my printer my business cards, my big posters and all that for when I was speaking and they've also got some business advice services in there as well. So yeah, use government support, and organisations for setting up your business. But it's no different to any other business, know your market, test your market and see if that's going to work for you.Jamilla:
Amazing some really practical tips there as well, things like the loans from the government and seeing what's out there.Jamal:
Thank you so much Haley, it's been absolutely lovely speaking to you, I could sit and have a chat with you all day. I look forward to catching up with you.Outro:
If you enjoyed this episode be sure to subscribe, like and share, so you're notified when a new episode is released.Outro:
Remember to join the Privacy Pros Academy Facebook group where we answer your questions.