The General Data Protection Regulation (GDPR) will come into force on 25 May 2018. This will replace the current Data Protection Directive. The aim is to give citizens back control of their personal data.
All organisations, no matter what size, will be required to comply with the new regulations – the fines for non-compliance are sizeable.
Whilst this may seem like an administrative burden on businesses, it can be used as a positive marketing tool. Being compliant with the GDPR will give clients and suppliers confidence in the business and can enhance its reputation.
What do you need to do?
- Assess your current procedures for processing data
- Map your data flow – how does the data come into the business, what is then done to it, and how does it ultimately leave the business?
- Undertake a data audit – where is your data held, how old is it, do you still need it? The length of time you need to keep data may depend upon legal requirements, as well as the GDPR
- Assess the basis under which you are processing and/or controlling data
- Train your staff to ensure continued compliance
- Monitor your processes on an ongoing basis to ensure compliance is maintained
If you would like to discuss this, or require assistance, please call Vicki Craig or Alison Snook on Rugby 01788 539000.