We’ve all heard by now – GDPR less than 4 months away. A lot has been written on the topic, but the majority is very uninformative and boring; much of it makes you feel as though GDPR is impossible to tackle.
We’ve read a lot of GDPR literature recently, including a 75 page ‘Pocket Guide to GDPR’ (some people must have huge pockets!). This blog sets out to answer a bunch of GDPR questions and, most importantly, actually help!
GDPR (the General Data Protection Regulation) will replace the current Data Protection Act 1998 on the 31st May 2018. In 1998, when the current legislation was written, the world was a very different place; Windows 98 was the latest platform and 3G had only just been invented. We were without Twitter, Facebook, LinkedIn, and YouTube, and there were no USB sticks, Cloud storage, or Fibre Optic Broadband. Our day to day data usage, by both consumers and businesses, has changed beyond recognition. When you think about it, the current Data Protection Act is in desperate need of an update; an update that will bring it in line with the lives we lead now.
Because Article 50 has been triggered, many companies now think that they no longer need to comply with GDPR as it’s European legislation. As many as 1 in 4 UK companies think GDPR no longer applies to them because we’re leaving the EU. This is false information.
Companies the world over will need to comply with GDPR regardless of geographical location. GDPR affects any company that collects and/or handles data on European citizens. So, if you’re a business in Canada that trades with a company in the EU, you would need to be GDPR compliant because you would be collecting and handling data about EU citizens. This legislation affects far more than just EU companies.
A proactive approach is essential for effective data security. The majority of organisations don’t know exactly how their data is processed, where their data is stored, and whether the people accessing it are following company policy. Auditing this process will allow you to understand your data better, and also see where there might need to be improvements. The audit should allow you to:
Continual compliance of GDPR requires you to eradicate risks to your data. Data is so important to companies, and the vast majority can be accessed through the internet, making it highly traceable. We’ve witnessed the tremendous impact of data breaches on companies – loss of reputation, loss of customers and their trust, loss of money etc.. GDPR puts the onus on companies far more for their data protection than the Data Protection Act 1998 did. It’s vital that you:
GDPR may feel impossible at the moment, but breaking it down into bitesize pieces will help. It might be an intimidating piece of legislation, but GDPR also provides a great opportunity for businesses to redefine their customer relationships and earn customers’ trust by handling their data in a completely secure manner.
If you haven’t already, the time to start the GDPR process is now. There is no quick GDPR fix; it takes time and effort. Those companies that don’t comply will not just falter, it’s likely they’ll be permanently affected. The opportunity to become a leader in data protection is there, so grab it!
Please select the relevant option: