Happy Halloween! GDPR does not have to be scary
Hasn’t this year just flown by?
Halloween’s here, Bonfire Night is next week and then it’s Christmas! How often do you find yourself saying that?
Well, before you know it, we’ll be into the new year, spring’s around the corner, and then – you’ve guessed it – the General Data Protection Regulation ("GDPR") will be 2 years old!
You may have already heard us mention it once or twice because it’s not that far off, and it isn’t going to go away!
It’s pretty important too. Especially if you’re a small or medium-size business and hold any type of personal data on other individuals.
The law has changed…
The Data Protection Act has changed to the GDPR, which means there are some things you should have started doing, and other things (which you should have been doing anyway!) that you should now be doing differently.
Either way, it’s designed to benefit individuals and companies alike, and is an ideal opportunity for you to review and assess your approach to data.
For instance, the GDPR requires you to maintain records of your processing activities, so it may be worth considering a business-wide information audit (or one that’s specific to a particular business area) – to check not only what personal data you hold, but also where it came from, and who you share it with.
There’s a lot to think about!
GDPR: Some practical steps to consider
We know that some people feel a little overwhelmed at the prospect of GDPR, and are a bit unsure about where to even start.
So here are some key questions to help you figure out where you stand.
The obvious ones are:
- Do you collect data? If so, what type, and why?
- Where and how do you keep it?
- Are you all over it – or is it all over the place?
- Who has access to it?
- Do you have to pay the Data Protection Fee?
Or how about:
- Do you actually know what GDPR is? (It’s about protecting individuals’ rights to privacy, and making companies’ data processing more secure and transparent.)
- Does it apply to you and do you know what it means for your business? (It’s likely to apply to most businesses.)
- Who’s responsible for data protection in your business?
- Do you know what processes need to be in place for you to be compliant?
- How aware are you of the importance of proper data mapping?
And worst of all:
- Would you know how to respond to a Subject Access Request?
- Could you handle a data breach?
- How much of a fine could you afford to pay?
- To what extent might you be sticking your head in the sand?!!
So, are you really prepared? Or not?
If you’re all sorted, then that’s good news.
If you’re not though, then you’re in luck, because that’s what we’re here for – to help you understand what’s what, and get everything the way it should be.
We can help you carry out a GDPR gap analysis to review your data, policies and processes, and provide practical advice on what you need to do to be compliant.
And we’ll do it in a way that’s simple, straightforward, and most definitely not scary!
Why not get in touch to arrange a visit and talk things through?
It could be the difference between peace of mind and a last-minute nightmare.
Until next time...