Hasn’t this year just flown by? Halloween’s passed, we’ve just had Bonfire Night and next it’s Christmas. How often do you find yourself saying that?
Well, before you know it, we’ll be into the new year, Spring’s around the corner, and then – you’ve guessed it – the General Data Protection Regulation takes effect. That’s right, as soon as May 2018!
You may have already heard it mentioned once or twice because it’s not that far off, and it isn’t going to go away! It’s pretty important too. Especially if you’re a small or medium-size business and hold any type of personal data on other individuals.
The law is changing…
The Data Protection Act is changing to the GDPR, which means there are some things you’ll need to start doing for the first time, and other things (which you should have been doing anyway!) that you’ll need to start doing differently.
Either way, it’s designed to benefit individuals and companies alike, and is an ideal opportunity for you to review and assess your approach to data.
For instance, the GDPR requires you to maintain records of your processing activities, so it may be worth considering a business-wide information audit (or one that’s specific to a particular business area) – to check not only what personal data you hold, but also where it came from, and who you share it with.
There’s a lot to think about!
GDPR: Some practical first steps to consider
We know that some people are feeling a little overwhelmed at the prospect of GDPR, and are a bit unsure about where to even start.
So here are some key questions to help you figure out where you stand.
The obvious ones are:
Do you collect data? If so, what type, and why?
Where and how do you keep it? Are you all over it – or is it all over the place?
Who has access to it?
Or how about:
Do you actually know what GDPR is?
(It’s about protecting individuals’ rights to privacy, and making companies’ data processing more secure and transparent.)
Does it apply to you and do you know what it means for your business?
(It’s likely to apply to most businesses.)
Who’s responsible for data protection in your business?
Do you know what processes need to be in place for you to be compliant?
How aware are you of the importance of proper data mapping?
And worst of all:
Would you know how to respond to a Subject Access Request?
Could you handle a data breach?
How much of a fine could you afford to pay?
To what extent might you be sticking your head in the sand?!!
So, are you ready? Or not?
If you’re all sorted, then that’s good news.
If you’re not though, then you’re in luck, because that’s what we’re here for – to help you understand what’s what, and get everything the way it should be. We can help you carry out an information audit to review your data, and provide practical advice on what you need to do to be ready for next May.
And we’ll do it in a way that’s simple, straightforward, and most definitely not scary!
Why not get in touch to arrange a visit and talk things through? It could be the difference between peace of mind and a last-minute nightmare.
Contact Emma at Emma C Browning Ltd for all your GDPR HR questions – emma@emmacbrowning.com
Contact Kellie at Databasix Ltd for your specialist GDPR enquiries- kellie.peters@dbxuk.com