GDPR - Part 3

Tuesday January 23, 2018

In the final blog regarding GDPR in this series, we are looking at:

 How technology can help with GDPR

Like a lot of things, GDPR will come along whether we like it or not, and whether or not we believe we have time to implement it, so maybe the best solution would be to use GDPR as an opportunity to improve business processes.

Some areas to consider could be:

  • Improve cybersecurity technology and processes.
  • If you work with non-EU based companies, find out what you should do about data relating to them and any of your clients.
  • Ensure the PCs and devices used within your company have the correct software installed to protect your data, and ascertain who can access data.

It is important to keep in mind the potential fines that businesses will attract if they don’t comply with GDPR, and to start acting now – the deadline is getting ever closer.

The previous blogs we have published in this series have explained the importance of correctly managing data, ensuring that you know where the data is, how it is stored and used, as well as the rights of individuals and businesses whose data your company stores and processes.

Summary

Also remember: the Information Commissioner’s Office (ICO) is the independent authority in the UK, which was set up to ensure the rules and information rights are carried out correctly and in the public interest, by promoting openness by public bodies and data privacy for individuals. They are also there to help and have published a lot of useful information.

Some questions have been put together below by way of a summary to assist you:

What happens if I don’t comply with GDPR?

It is the responsibility of the company to comply with GDPR. The fines can be extensive.

Will GDPR still affect companies post Brexit?

Yes, it will. As documented in an earlier blog in this series, the government intends to incorporate GDPR into a UK Data Protection Bill, to minimise disruption to the UK’s economy.

Where do I start?

Appoint someone within the business to oversee GDPR. If you are a small business, it may be yourself as Director, but if you have a team it could involve input from various departments in the company, for example HR, Operations, etc.

Who should know about GDPR?

It is important that all staff are aware of GDPR and the impact it has.

How do I report a data breach in a compliant manner?

If you find a data breach, you may need to inform the ICO within 72 hours.

How much time and money will it take to prepare for GDPR?

If your company has already adopted the EU Data Protection Act, then ensuring you are compliant with GDPR may not be expensive or resource-intensive.

 

A good practice would be to put together a GDPR checklist, considering the information in this series of blogs along with your own relevant research.

 

Remember the deadline date is 25 May 2018 – Good Luck!
