Blogging, GDPR, ICO, VA, Virtual Assistant

A major concern of outsourcing to £10.00 per hour workers can kill your business…if you do not recognise the implications and act on it now!

Angela Brown | NottmVA

 

Data Security
Photograph courtesy of Jo Welch Photography

Many Sole Traders inadvertently outsource their work or tasks to a more economical source. In my niche (or target market/audience) of Health, Wellbeing and the Medical sector, whilst dealing with Special Category Data, this is the most common and costly mistake you could ever make!

Here is an explanation as to why, and what you should really be doing instead.

 

Special Category Data: Personal, Sensitive details

By outsourcing your admin work to a £10.00 per hour worker might seem like a perfect solution to you at the time, and you may think that you’re getting a job done for half the pay, or a third of the cost perhaps, but there are reasons for that:

 

Virtual Assistants who are either self-employed (or could also be Ltd) who provide you with invoices and have been in business for extensive amounts of time, have taken specialist training, and more importantly have registered with the ICO and the HMRC with their businesses and of course, have the appropriate business insurances, public liability and some may even have cyber data loss insurance too!

 

—o0o—

 

VA Rate Courtesy of VIPVA.org
VA Rate courtesy of vipva.org

Would your £10.00 per hour admin person with their wage, after taking on board for example, to pay for the tax and NI deductions, their secure systems and subscriptions that are needed to keep yours and your clients’ data secure, the relevant insurances mentioned above, the compliances, the costs for their own training and marketing costs and the wear/tear and utilities costs and so on.  Let alone any profit!?! Once all of that has been taken out of their £10.00 per hour cost – what on earth are they left with to live on?  It just doesn’t make good business sense! But more importantly, how are you or your clients’ data being protected?

You may need to question this.  You can check the ICO Register here: https://ico.org.uk/ESDWebPages/search/ to see if your workers’ invoices for your special category data are registered for processing or controlling yours or your clients’ data.

I liaise regularly with my IT Consultant for GDPR to ensure that my software and systems are secure and up-to-date.

Here you can see a graphic provided from VIPVA.org that illustrates the true take-home pay of a Virtual Assistant and this is based on the 2017-2018 tax year’s hourly rate of £25.00 per hour.  Interesting figures huh? 

 

But what if I like my Worker? 

There are ways around this, of course.  If your worker is not registered, with either the HMRC and/or the ICO, then, of course, there are a couple of options.

You will need to either a) employ them or b) the worker will need to become self-employed (or Ltd) and invoice you accordingly.

If you employ them then you will need to be liable for their holiday pay, pension pay, and everything else that is associated with employment law and there is an abundance of information out there that will support you with that.

If your worker then decides to register as self-employed and you then receive invoices as you outsource work to them as their Virtual Assistant, then the Virtual Assistant or Freelancer will need to have immediate ICO registration and appropriate GDPR and special category data training in order to protect both your data and more importantly your clients’ data as they will have access to confidential and sensitive information.

I use a company called KoffeeKlatch for this very specialist training.

There is also the option of asking your freelance worker to undertake some VA training.  At the beginning of my PA to VA journey I joined a comprehensive training programme that taught me how to run a business and how to use my existing skills and trained me to use my passion and skills that I utilize in my business today.

 

What if I think a mistake has been made?

If you feel that mistakes have been made in your business, either by you, your practice or your work, of course, you are obligated to report a breach to the ICO to protect your business and your clients and you only have a limited time to do this under the rules and guidance that is provided with the GDPR.

If you have breached your clients’ data to someone that should not have it, then you will need to provide to the ICO your examples of what has been breached, how it was breached and solutions as to how it will not happen again – all within their small window of reporting schedule.

 

What if I want to Outsource my admin work to someone else? 

If you would feel like the time has come to complete your current contract that you have with your worker, then, of course, your written existing contract will explain how you give notice to your existing worker. If you do not have a contract then I can highly recommend Koffeeklatch VA Contracts.

If you would like to work with an experienced Virtual Assistant, that is passionate about their own ethics and morals, and understands how to work with their own security, data and has good business ethics and acumen and is confident about working with your data and your client’s Special Category Data then, by all means, contact Angela at NottmVA.

 

Nottingham Virtual Assistant

 

 

In the openness of transparency, I am affiliated with Koffeeklatch and VIP PA.

Marketing Support from Michelle Ibbs

 

Blogging, GDPR, Networking, New Business, VA, Virtual Assistant

How do you Protect Yourself From a Potential ICO Threat?

How Do You Protect Yourself From A Potential ICO Threat?

ICO NottmVA

Angela Brown | 2018

As a small business, you are registered with the HMRC and with the ICO as a data controller and/or processor right, RIGHT?

It is important to ensure that you have got your policies and processes set up and you have undertaken the necessary training and that your paperwork in order, that’s a given. If you need to, you can look for the necessary business contracts via KoffeeKlatch who are an excellent source for all your GDPR business matters are and have legal experts on board to guide you through all the legal jargon.

Only you, as the lead in your business and the expert in your field, know how to undertake your business to its ultimate, as a freelancer have to convey to your client how to proceed with a particular task, but they have been doing something one way, and you need to be assertive in doing that something a different way or enforce something, it can be a bit tricky.

Let me give you an example:

If your client was sending documents to a client (let’s say client A) with an attachment that contained sensitive data with details of name, date of birth and bank details etc, and your client happened to send the wrong PDF document to the client (let’s say client B), you would then be in an ICO breach position and have to report this incident as another client would have had access to another person’s data and you would have to write up a process of how the incident occurred and how you would rectify it, and how it would never happen again – all within 48 hours.

The Solution

If you had a policy and process in place that you ensured that your client A (and their employees) had all of their PDF documents password-protected with each client’s own preferred passwords (by separate means, not via email), that if the wrongly-sent document from Client B with Client B’s password on was sent to Client A, if Client A tried to open with Client A’s password, and could not open because of the process in place. Then there is only an error made that needs to be rectified, and a breach avoided.

It is imperative that as a small business yourself you are following correct procedures and processes and ensure that as a data controller and processor that any work you undertake as a freelancer that you are compliant with work that you do not only for yourself but for others too.
If you need source PDF documents password-protecting then NottmVA can undertake that service for you. Please email for your enquiries.

NottmVA

 

Blogging, Email Marketing, Facebook Marketing, GDPR, Networking, Social Media, VA, Virtual Assistant

Building Your Email List

ju

Building Your Email List

Building Your Email List

It’s common knowledge that as a small business everyone is striving to find that elusive client and you need to always be on the lookout for new ways to market your business. In the depths of Facebook and Twitter et al you can get lost in the algorithms whatever they are at any given time and who knows, they change with the wind, don’t they?  Social Media sites also belong to someone else as well too. The only things that belong to you are your website and your mailing list.

 

Do you have a Niche?

Once you have determined who your target audience is for your business and you have defined your niche then you are on a roll!

 

What does your Client want/need?

This is when it becomes a little easier to target what your audience or your client wants or needs.  How can you solve their problems?  How can you ease their pain?  What is it that makes their day so much more difficult to get through without you assisting them to glide through much more easily.

 

Lead Magnet

Now you can create your prize jewel – your Lead Magnet. This is marketing terminology for a free service or product that is given away for the purpose of gathering contact details.

 

Promote, Promote, Promote! 

Yay – you’ve got your lead magnet – that’s it! You can now promote it. You can advertise it in your blog posts, social media, link it in your emails – get it out there!

 

Automate or Manual?

As you’re promoting your Lead Magnet you will now be gaining interest. If you use one of the programs to do this for you it can automate the process. This can be Aweber, Mailchimp, CampaignMonitor are just a few to choose from.

 

Be Appropriate

Of course, you need to ensure you gain appropriate permission-based email lists and use the correct opt-ins. If you use one of the automated email programs, then this is all done for you. Better still, use a double opt-in.

 

Be Consistent

Have you got offers or discounts to advocate from time to time, this is a great way to promote your posts regularly and keep your traction.

 

CTA

Finally, do not forget your Call To Action. Ensure you ask your readers to subscribe to your email list.

Virtual Weekly Sign UP

 

If you like what you’ve read – go on, jump in and take a look at my Virtual Weekly E:Mag! It’s full of business tips and ways to reduce your time.

If you would like this blog post as a PDF just email us and we’ll get it right out to you!

 

 

 

Blogging, GDPR, VA, Virtual Assistant

Calendars: iPhone or Google?

Calendar nottmvaCALENDARS: iPhone or Google? 

The comparison against IOS or Windows – ooh!

What to write in a blog – well, I was scrolling through my LinkedIn account, as you do when I came across an article which was comparing Google calendar against the iPhone calendar and I thought this was an appropriate ‘thing’ to share with my fellow ‘bloggees’.

It’s an interesting topic, I use both calendars, both for myself and my clients and like both for different reasons: for the functionality and the different operating platforms that they perform on.

I will post a copy of the link at the bottom so you can read it for yourself and I look forward to your comments as to which you prefer.

As an avid iPhone user, I read this with interest until my stomach sank when I saw that it stated it ‘undoubtedly collect and store your personal data”. Well, didn’t the panic set in? Whoah! Off I went to my friendly KoffeeKlatch GDPR group to convene and discuss.  But no sooner, did I raise the conversation and the article, as I put in my little place and was indeed told that companies have always been collating personal data, it is just that now under the new revised laws of GDPR they are required to tell you about it. Phew, panic over.

Let me know what you think of the report by commenting below, or emailing me – do you prefer the GSuite Calendar or the iPhone Calendar?

https://www.linkedin.com/feed/update/urn:li:activity:6426571311677476864

Email Marketing, GDPR, VA, Virtual Assistant

Connecting on LinkedIn? Can you add to your list?

It’s a big question, isn’t it?  Who can you add to your mailing lists?

Post-GDPR – 25th May 2018 – what can you do, what can’t you do… Hmm, it’s all a bit twinkle tippy toes..

Well, keeping in touch with the right people who’re in the know is important.  I like to think I do, that’s for sure..  If I’m not, please do give me a nudge and signpost me on my way! But here’s a great infographic from KoffeeKlatch that gives you a quick read at-a-glance giving you the do’s and don’ts about your mailing lists.

 

Can-I-add-this-email-address-to-my-list_infographic-1
Make sure you keep your lists in tippy-top order and that you have the right consent.
If you would like me to email you and let me know about the services I offer you can contact me directly.

Would you like to subscribe to my email list and receive a copy of Virtual Weekly, a mid-week E: Magazine?