THE GENERAL DATA PROTECTION REGULATION IS COMING FAST:
Are you Compliant?
WHAT IS GDPR?
On the 25th May, the General Data Protection Regulation (GDPR) will be enforced across Europe, including the UK.
WHY SHOULD YOUR BUSINESS CARE ABOUT GDPR?
Although this law comes from the EU, it will have a global impact. It WILL affect any business holding personal data on customers, prospects, suppliers, partners or employees based in the EU. To be prepared for the start date, businesses need to start planning for the changes now. Ignoring this new legislation could result in companies and/or accountable individuals:
- Receiving a fine of up to 4% of their annual turnover
- Suffering reputational damage
With the rise in awareness of identity theft, online fraud and leakage of personal data, individuals expect businesses to respect and protect their data and privacy. It’s good business sense to demonstrate that you “understand” this cultural aspect, as well as the financial one.
ICO 2017 prosecutions: https://ico.org.uk/action-weve-taken/enforcement/
12 STEPS YOU CAN TAKE RIGHT NOW
6 KEY THEMES TO ACTION, BASED ON THE GDPR 12 STEPS:
The rules are very complex, but our advice is not to be overwhelmed by them or to see GDPR as a blocker or a burden. We can help you build the rules into your organisational culture and make them business as usual, rather than servicing them as an expensive and resource-intensive overhead. Implemented properly, GDPR will help you and your business to manage data more effectively, internally and externally, and give confidence to those who work with or for you that you care about their data. There are 6 key themes around GDPR:
- Know what data you hold and why you hold it (treat as an asset)
- Manage data in a structured way (data mapping)
- Identify who is responsible for what data (data controller/processor)
- Secure what you wouldn’t want disclosed (data security)
- Create security culture awareness (training & development)
- Preparation – expect the best but prepare for the worst (management commitment)