Event Planners – Look After Your Attendee Data or Face the Music

As an event planner, you will know how important the new EU General Data Protection Regulation (GDPR) has been in raising the issue of data security.  In fact, a 2018 industry found that more than 75% of event planners believe that the safekeeping of their attendee data will be a much bigger priority for them because of GDPR.  But why should event professionals start taking responsibility for data security and what are the things they need to do to minimise the risks of breach?

What Event Planners Need to Know About GDPR and Data Security

Remember that GDPR is all about protecting the rights of individuals over organisations. It is an important piece of legislation that ensures that organisations dealing with personal information (and the events industry is no exception here!) are doing so in a transparent and secure way – and always in the individual’s best interests.

We’re already starting to see how GDPR is changing the way companies market themselves. After Facebook’s recent data breach scandal with Cambridge Analytica, the social networking giant has run an extensive advertising campaign promoting its security credentials.  We’ve also seen others like Barclays and the NHS using radio ads and billboards to assure customers that the safety of their personal information is a priority for them as an organisation.  This is only the beginning.

Read: Is the Facebook Data Breach Scandal a Wake-Up Call for the Events Industry?

For meetings and events, there are three important reasons why data security is now more important under GDPR:

  • GDPR makes ‘Privacy by Design’ a legal requirement, which means privacy concerns and the security of attendee data should be a consideration from the offset of all your event planning activities – and not just an afterthought.
  • GDPR requires you to take responsibility on how your third-party data processors (hotels, venues, agencies and event tech suppliers) are also looking after your attendee data.
  • GDPR makes it compulsory to notify authorities within 72 hours of discovering a security breach – it is therefore important for event teams to understand what constitutes a breach and what they should do if data is compromised.

eBook: The Event Planner’s Guide to Data Security in a Post-GDPR World

You may think that the whole issue of data security is something that needs to be dealt with by your IT, legal and operations team.  But the reality is that there are many day to day things that you may be doing as an event planner that could easily put your organisation under serious risk of a breach. Things like sharing system passwords and emailing delegate lists.  Not briefing freelances properly, losing devices and using open Wi-Fi networks.   These are just some examples but there are many more.

A new eBook from Eventsforce titled, ‘The Event Planner’s Guide to Data Security in a Post-GDPR World’ investigates some of these common data security vulnerability areas for meetings and events and offers readers some practical advice on what they can do to look after their attendee data. It also provides some useful information on how to identify a data breach and what steps to take if attendee data does end up getting lost, stolen or compromised.

Event planners can also use the two checklists that are included within the eBook. One is for event team leaders and the other for individual team members, to ensure everyone follows the same processes when it comes to data protection and the safety of attendee data.

The eBook follows the publication of the ‘Event Planner’s Guide to GDPR Compliance’ which looked at the impact of the new legislation on things like event marketing, data management and event technology – along with some practical steps on how planners can prepare for the new GDPR requirements.


If there is one thing that GDPR has achieved it is that the ownership and responsibility for data protection and security now rests on everyone.

The volume of personal information we collect in our industry is staggering. And doing things that minimise the chances of this data getting into the wrong hands will give your attendees confidence that you are on the case and looking after them properly.

Doing this all the time will boost your reputation, generate more confidence and ultimately bring you more business.  After all, why would people want to work with organisations who are doing as little as possible to safeguard their personal information?

But it will, however, require a shift in thinking.  Some of the ways in which event planners operated in the past will need to be changed.  But those who embrace this change will be the ones who stand out.  By making data security a priority around their events, they will be able to show attendees that their organisation can be trusted with their most valuable asset – their personal information.

You can download the ‘Event Planner’s Guide to Data Security in a Post-GDPR World’ here.

Eventsforce offers a comprehensive set of event management solutions, services and expertise that can help with data security and support the event planner’s journey to GDPR readiness. Get in touch by contacting one of our team members at gdpr@eventsforce.com.