Tag Archives: GDPR

GDPR

Top 4 Tips for Getting GDPR Ready

Industry News & Insight, Tips

If you haven’t thought about the impact that the GDPR is going to have on your business you should definitely put it at the front of your mind as the May 2018 deadline is drawing even closer. Still not sure what the purpose of the GDPR is? The General Data Protection Regulation was designed was to simplify and harmonise the data privacy laws across Europe in an effort to further protect its citizens and give them more power when it comes to their personal data. This important regulation will change the way every business approaches data privacy. As the GDPR looms closer here are some tips to make sure you’re ready for it.

Be Aware & Prepare

It’s really important to have a good understanding of the purpose, aspects of and how it will affect not only your business but you as an individual also. Distribute information throughout your company internally so all staff have a chance to be educated on a regulation that will have an effect on how they handle and store personal data in their role. Putting together an informational guide or even hiring a GDPR specialist such as a data protection officer to train and advise your staff is a good way to raise awareness.

Carry Out a Data Audit

Investigate the data processes that you have in place in your company, what sort of personal data do you store, how much, and where is it stored are great questions to start thinking about. The data that is affected by the GDPR is any and all personal data stored by a business or organisation that can be used to identify and individual or is at all linked to any information that could lead to identifying an individual.

Consider decluttering the data that you store, evaluate what data is the most important and put together a checklist of the only information that you need to store and what information is not of value and is not needed to be retained. Once you have concluded what data is unnecessary you should debate whether it would be beneficial to destroy it. Holding less data can simplify future processes such as Subject Access Requests.

GDPR Knows No Boundaries

Although GDPR is very focussed on the control and privacy of personal, identifying data and information it doesn’t just pertain to companies who are based in the EU. Any company outside of the EU – whether you’re in Australia or Abu Dhabi – who collects data within the EU regarding EU citizens fall to the same regulations as companies based in Europe.

Know the Special Requirements

Avoid a substantial fine and make sure you’re educated on all the technicalities. Something as simple as not updating your privacy policy by May 2018 could land you in hot water, some businesses may even need to request parental consent when asking for and processing data for individuals aged 13 and under.

The rule of unambiguous consent is also being introduced with the GDPR. It is crucial that before any personal data is collected or used for marketing purposes individuals consenting to their data being stored understand 100% what they are agreeing to when handing over their information.

The GDPR is extensive and it is very important that you research and read up on every aspect of the regulation so you are prepared and completely compliant when May 2018 rolls around.

Get in touch with us here at C3 to see how we can help you, contact our team on 01223 427700 or email info@c3.co.uk.