Like most Indie Publishers I struggle to accomplish everything I need to do as an Indie Publisher. You know the list by now:

• Create content – you can't sell what you haven't written
• Producing books – to make time for writing I outsource as much as I can using trusted writers who have businesses for editing, interior book design, etc. I want the Business Books for Writers line to be a professional venture and I know I am not a professional designer or layout specialist. I also don't catch all the errors in my books if I try to edit them myself. I can catch everyone else's errors in THEIR books, but as my first edition of The Writer's Business Plan proved, I can't edit my writing. That is why I hired a professional editor and republished the first book. Lesson learned!
• Administrative Tasks – As was discussed in Completing The Writer's To-Do List there are some tasks, such as managing the financial aspects of the business you should never outsource.  I handle all my administrative duties. I yearn for the day when I can outsource much of the management aspects of the company to a virtual assistant. (But never the financial work!)

Learning I had to make my website compliant with new data protection laws was a task that would require me to educate myself on the requirements, teach myself how to make the changes and do so while I was juggling a number of projects that would earn me money. If the fines for non-compliance hadn't been so high, I might have deferred working on the task. Instead I gave myself two hours to determine my options. First I had to learn what GDPR or EU DPR was!

What is GDPR or EU DPR

If you haven't heard about GDPR or General Data Protection Regulation (also referred to as Eu DPR or European Union Data Protection law), do not feel bad. I follow publishing news, and I admit the GDPR requirements deadline caught me off-guard. Here is a quick overview. There are several links to more information in the newest edition of The Writing Entrepreneur newsletter. If you aren't a subscriber you can sign up for the free newsletter, and I'll send you a link to the May issue with some great articles to check out. (You can opt-out at any time, but subscribers tell me they find the information useful!)

Here are the quick definitions:

What is the ‘General Data Protection Regulation (GDPR)

The General Data Protection Regulation (GDPR) is a legal framework that sets guidelines for the collection and processing of personal information of individuals within the European Union (EU). The GDPR sets out the principles for data management and the rights of the individual, while also imposing fines that can be revenue-based. The General Data Protection Regulation covers all companies that deal with data of EU citizens, so it is a critical regulation for corporate compliance officers at banks, insurers, and other financial companies. GDPR will come into effect across the EU on May 25, 2018.

General Data Protection Regulation (GDPR) Definition | Investopedia https://www.investopedia.com/terms/g/general-data-protection-regulation-gdpr.asp#ixzz5FrTtiGYG

EU DPR Definition

The General Data Protection Regulation (GDPR) (EU) 2016/679 is a regulation in EU law on data protection and privacy for all individuals within the European Union. It also addresses the export of personal data outside the EU. The GDPR aims primarily to give control to citizens and residents over their personal data and to simplify the regulatory environment for international business by unifying the regulation within the EU.^[1]

It was adopted on 14 April 2016,^[2] and after a two-year transition period, becomes enforceable on 25 May 2018.^[3] The GDPR replaces the 1995 Data Protection Directive.^[4] Because the GDPR is a regulation, not a directive, it does not require national governments to pass any enabling legislation and is directly binding and applicable.^[5]

How I chose my GDPR Strategy

When I realized that I couldn't delay the update to the Business Books For Writer's website to meet the GDPR or EU DP requirements, I looked at my ambitious to-do list for the week and the month of May and knew I needed to come up with a plan for meeting the requirements quickly.

My latest book had just launched and was part of a fantastic StoryBundle of books for writers .(I hope you all took advantage of the deal! If not, hopefully, Kris Rusch will offer a similar business books for writers StoryBundle next year.) If you want a head's up next year on release of  The Write Stuff StoryBundle follow me at @BusBooks4Writer on Twitter.)  When I realized I needed to make my site GDPR compliant I was busy tweeting, writing blog posts, and reaching out to newsletter editors of writers' associations. My awareness campaign called for me to do everything I could to make make sure all of my followers heard about this amazing opportunity. I also was working on an outline for my newest fiction book. (I am very excited about this project. It is one of those books that you write because the theme is very personal and you believe will prompt readers to see current events in a new light. I'll be writing about this project on the TonyaDPrice blog.)

I knew sitting down and studying GDPR  requirements was a task that would take up time. I didn't have.

The task had to be done because my site captures email lists despite the fact I have a small business with under five employees. I used the Eisenhower Matrix this task fell into the category of Important and Urgent.

For those not familiar with the Eisenhower Matrix here is a great way to sort your tasks and prioritize them:

• Important and Urgent
• Important not Urgent
• Not Important and Urgent
• Not Important and Not Urgent

I couldn't complete the task in under two minutes. (If you are familiar with David Allen's Getting Things Done: The Art of Productivity you will recognize this as the first step in evaluating a new task on your to-do list.)

I couldn't defer the task.

I couldn't delete the task, but I could outsource the work and that is what I did.

I realized that Europe has been working on GDPR requirements for a lot longer than US companies. Several indie publishers based out of the UK have sites that already appear to comply with these requirements. I checked out Joanna Penn and Jane Friedman sites.

I'm in the US. I can't just copy what an indie publisher in another country does, and I didn't even have time to try.

I needed to outsource the project.

Outsourcing my GDPR task

I use Fiverr for projects I can afford to outsource. Fiverr is a site where people post what gigs or projects they are willing to do for people for a price. I found my awesome cover designer on Fiverr. I found several not so great proofreaders on Fiverr. It is a mixed bag in terms of good or bad experiences. Here is how I find great people on Fiverr:

I start with small projects where my investment is small and give the same project to three people. Then I pick the best. When I find someone I really like I give them all of my business, and I always tip. I start out at 10%, but if their fees are very reasonable, I give 20%. These are people I make part of my production team.

Making the Business Books For Writers GDPR compliant needed to be done quickly since I hadn't realized I only had until May 25 to comply. (If you haven't started I wouldn't worry too much. Although the fines for GDPR are stiff, I have read small businesses are probably low on the list of companies they will target in the beginning. I recommend you start now. Everything points to strict enforcement eventually.)

The strategy I used to find help with my GDPR implementation was to look for someone on Fiverr who had the highest number of positive reviews with a five-star rating (the highest you can get) and read the reviews themselves.

This strategy doesn't always work. Sometimes you end up having to settle for someone who doesn't meet this criteria, but I lucked out and had a great experience.

The GDPR solution for Business Books For Writers

I decided to go with wolfesq to make the Business Books For Writers website GDPR compliant. Here is a summary of my experience:

• I will tell you I did spend more money than some of the other people charged in Fiverr for meeting the requirements, but the reviews were glowing, and I liked the fact that he was a lawyer in a European Union country AND a programmer. In the end, the cost was less than half what I pay a professional editor.
• Providing the information he needed took about five minutes. He emailed me with simple questions to make sure the information he included on the site was correct. Each answer took about one minute to type back. He completed the work within the five days specified in the quote (luckily I made the decision to act in time to avoid having to pay to have the work done in three days) and, I am very happy with the result. I went ahead and paid extra for the Privacy Policy. (Here's a head up to everyone on my email list you will be getting an email with our new privacy policy in the next few days. I know you have gotten a ton of them, but informing you of the official policy is the professional thing to do. This is a big change and if you have any questions I want you to let me know.)
• I definitely would recommend wolfesq on Fiverr to anyone who has made the decision to outsource this work and whose budget can handle the fee of less than $300.
• If you want to do this work yourself, and if I had the time, I certainly would have gone this way, the Writing Entrepreneurs newsletter has several links to online sites that will help you get your site GDPR compliant.

I am happy with my decision. The task is complete, and I spent my time on tasks that will help pull revenue in for Business Books For Writers. I also spent my time on activities only I can do for the company. In my book, that is always a win-win!

How helpful was this article for you?