Now to be honest, I was drawn more to the etymology of the ‘buck’ expression, but interesting origin aside – and more of that at the end – when it comes to GDPR, data-protection and privacy, no single person or organisation will be held to account if there is a breach of data.
Rest assured, anyone who has been part of the data-handling or data-processing will have to demonstrate they have done their utmost to ensure that the data are handled in line with the regulations set out in the Act.
The Act actually came into effect in 2016, believe it or not, but it was only in May of this year that we all had to make sure we complied. So, no last-minute panicking there, then – we had all had plenty of time… Of course we had.
But how does this affect your relationship with your translation/localisation providers?
Do they show due diligence in their approach to GDPR? Do they have a data-controller who is organising regular data audits to plug potential GDPR gaps? Does the company have a Privacy policy that, most importantly, the staff at the translation agency are familiar with and follow religiously? Are their subcontractors, if they use them, bound by the same constraints?
Have you asked them whether they do?
As we all know, to assume they do, of course, merely serves to make an ass out of u and me, as well as, unfortunately, a heap of money for the GDPR regulators if they need to fine you. So, ask your agency to demonstrate that they do conform. If they don’t, you may well want to conduct a different kind of audit – a supplier one.
Is your translation agency storing your data securely? Is the email (and its attachments) that you send accessible by anyone else but the party concerned? Do you have the option of secure file exchange platforms?
NDAs (Non Disclosure Agreements) were, for some companies, a bit of an afterthought when working with ‘more sensitive’ data. You probably use your own with the language services provider. But do they use them with their subcontractors?
Ask the questions and ask for the evidence. It could save you a whole lot of bother and money at a later stage.
The languagey bit
‘Passing the buck’ refers to the marker used in poker, where the buck was often an antler-handled knife to show whose turn it was to deal the cards. When your turn was finished, you passed the responsibility to another; similarly, if you found the burden of dealing too heavy, you could also pass the buck to a different player. OK, so the information isn’t as useful as perhaps the other stuff above, but it’s a shed-load more interesting.
PS Please forgive my using ‘data are’ – it really grates with me too, but I have to make an effort to conform not just with GDPR but also with linguistic convention.