The deadline is fast approaching to ensure your business is compliant with the General Data Protection Regulations (GDPR), which, on 25 May 2018, will replace the current Data Protection Act. With tougher penalties, a wider remit and increased rights for individuals, businesses of all sizes and types need to understand what the regulations mean for them and plan accordingly.
The underlying principle of the GDPR is to enforce stronger data security and privacy rules among organisations when it comes to protecting personal data.
Some key areas to look at include:
- What data do you hold in order to service your clients?
- Do you document all the information you have?
- What data do you hold for marketing purposes?
- How do you audit current data protection measures at your company?
- Are your data collection and procedures GDPR-compliant?
Companies also need to ensure their security alert systems are equipped to identify any break-ins quickly because, under the GDPR, data breaches will have to be reported within 72 hours.
If this is all new to you, you’ve heard of the GDPR but your company has yet to prepare for the upcoming changes, now is the right time to start. With fines of up to 4% of annual turnover or €20 million, whichever is greater, it is important you act now to ensure you are ready for the changes. If you have any questions then please get in touch.