BT 2016 Annual Report Download - page 49
Download and view the complete annual report
Please find page 49 of the 2016 BT annual report below. You can navigate through the pages in the report by either clicking on the pages listed below, or by using the keyword search tool below to find specific information within the annual report.-
1 -
2
-
3
-
4
-
5
-
6
-
7
-
8
-
9
-
10
-
11
-
12
-
13
-
14
-
15
-
16
-
17
-
18
-
19
-
20
-
21
-
22
-
23
-
24
-
25
-
26
-
27
-
28
-
29
-
30
-
31
-
32
-
33
-
34
-
35
-
36
-
37
-
38
-
39 -
40 -
41 -
42 -
43 -
44 -
45 -
46 -
47 -
48 -
49 -
50 -
51 -
52 -
53 -
54 -
55 -
56 -
57 -
58 -
59 -
60
-
61
-
62
-
63
-
64
-
65
-
66
-
67
-
68
-
69
-
70
-
71
-
72
-
73
-
74
-
75
-
76
-
77
-
78
-
79
-
80
-
81
-
82
-
83
-
84
-
85
-
86
-
87
-
88
-
89
-
90
-
91
-
92
-
93
-
94
-
95
-
96
-
97
-
98
-
99
-
100
-
101
-
102
-
103
-
104
-
105
-
106
-
107
-
108
-
109
-
110
-
111
-
112
-
113
-
114
-
115
-
116
-
117
-
118
-
119
-
120
-
121
-
122
-
123
-
124
-
125
-
126
-
127
-
128
-
129
-
130
-
131
-
132
-
133
-
134
-
135
-
136
-
137
-
138
-
139
-
140
-
141
-
142
-
143
-
144
-
145
-
146
-
147
-
148
-
149
-
150
-
151
-
152
-
153
-
154
-
155
-
156
-
157
-
158
-
159
-
160
-
161
-
162
-
163
-
164
-
165
-
166
-
167
-
168
-
169
-
170
-
171
-
172
-
173
-
174
-
175
-
176
-
177
-
178
-
179
-
180
-
181
-
182
-
183
-
184
-
185
-
186
-
187
-
188
-
189
-
190
-
191
-
192
-
193
-
194
-
195
-
196
-
197
-
198
-
199
-
200
-
201
-
202
-
203
-
204
-
205
-
206
-
207
-
208
-
209
-
210
-
211
-
212
-
213
-
214
-
215
-
216
-
217
-
218
-
219
-
220
-
221
-
222
-
223
-
224
-
225
-
226
-
227
-
228
-
229
-
230
-
231
-
232
-
233
-
234
-
235
-
236
-
237
-
238
-
239
-
240
-
241
-
242
-
243
-
244
-
245
-
246
-
247
-
248
-
249
-
250
-
251
-
252
-
253
-
254
-
255
-
256
-
257
-
258
-
259
-
260
-
261
-
262
-
263
-
264
-
265
-
266
-
267
-
268
 |
 |
Overview The Strategic Report Governance Financial statements Additional information
53
Different parts of the world approach privacy and data protection
differently. Individuals’ fundamental right to privacy is reflected
in the fact that today data privacy laws are in force in over 100
countries. More and more we (and other multinationals) have
to show that we’re handling personal data in line with a complex
tangle of national data laws and societal ethical expectations.
Potential impact
Failing to stick to data protection and privacy laws could result in
possible regulatory enforcement action, fines, class-action, prison
sentences and the regulator telling us to stop processing data.
On top of that, we could see huge reputational damage and
big financial losses. Those losses could come from fines and
damages if we fail to meet our legal requirements, as well as
costs resulting from having to close customer contracts and the
subsequent customer churn. Companies who’ve had high profile
‘data incidents’ have seen their share price hit hard, and suffered
ongoing costs from their non-compliance.
Link to strategy and business model
• Deliver superior customer service Trend:
What’s changed over the last year?
National regulators are more aggressively protecting their citizens’
privacy and data protection rights. They’re especially targeting
companies who fail to do due diligence, or who knowingly accept
(or ignore) a related risk for too long. This has been brought into
sharp focus by the mushrooming of the data threat environment,
with several big organisations suffering incidents.
There’s been a general trend toward bigger financial penalties
and more frequent public shamings for organisations that break
global privacy and data protection laws. The UK Information
Commissioner now issues more penalties than Ofcom.
How we’re mitigating the risks
We’ve introduced governance to clarify accountabilities and
responsibilities for data activities across the whole business. People,
processes and technology have been our core areas of focus. By
embedding this governance, we’re reinforcing our expectations
around personal data with our people, partners and third parties.
The cornerstone of our education and training programme is
making sure our people understand our data governance culture
and the impact of data risks on our business. Our mandatory
data training focuses on individuals’ roles, with relevant scenarios,
helping highlight the varying data risks of different BT job families.
By educating our technical and commercial units we’ve made a
step change in understanding data risks across the group.
We want to give our people the tools they need to make everyday
risk-based decisions around privacy and data protection without it
being a burden or making their job more complicated. Because if
we do that, there’s a much better chance of data compliance being
‘business as usual’. For example, using Privacy Impact Assessments
when we develop new products and services makes sure everyone
understands privacy issues from the start and builds in the right
controls, without any operational impact.
Supporting the third-line assurance of our Internal Audit team,
the Chief Privacy Officer and his team are a second line of defence.
They undertake an annual cycle of audit and monitoring. That is
overseen by the BT Compliance Programme Panel, who track and
monitor everything until completion.
Health & safety
Our business – and in particular our vast engineering workforce –
does a lot of work which is subject to health and safety regulation
and enforcement by national authorities.
Potential impact
If we failed to implement and keep up effective health and safety
management and governance, that could have a big impact on
our people and our finances. It could lead to people getting
injured, work-related sickness and service disruption for customers.
It could also lead to our people and third parties making
compensation claims against us, or fines or other sanctions if
we didn’t stick to health and safety regulation. There could even
be criminal prosecutions against us, our directors and our people
– all of which would harm our brand and business.
And of course an unhappy or unhealthy workforce also leads
to higher work absence rates and lower performance levels.
Link to strategy and business model
• Deliver superior customer service Trend:
• Transform our costs
What’s changed over the last year?
The range and complexity of risks has gone up as we’ve offered
new services to our customers. Those risks include us doing more
construction and electrical engineering work on our own network,
and the fact that we have new contracts which need our people to
work to maintain and extend the UK’s mobile network. We’ve taken
a lot of steps to mitigate these risks – especially around how our
people work with electricity or high off the ground.
We’re building a plan to further embed health and safety into
our operations. In the past year, we’ve seen major legislative
change – particularly with the UK introducing Construction,
Design and Management Regulations which place new
responsibilities on organisations around making construction
work safer. We’ve worked with the UK regulator and others in our
sector to respond pragmatically to these demands. We’ve faced
increased enforcement action against us this year, and also a few
prosecutions initiated for past incidents.
How we’re mitigating the risks
For the past five years we’ve busied ourselves implementing a
Board-endorsed health, safety and wellbeing strategy. And each
year, each line of business produces its own health and safety plan
with its own targets and programmes.
Our people managers take responsibility for making sure their
teams know how to comply with health and safety standards.
We monitor compliance using annual licensing, scheduled refresher
training, competency assessments and accreditation processes
for higher risk groups. All BT people do training in basic health
and safety.