GDPR, or General Data Protection Regulation became law in May 2016 and affects everyone in the EU, it will become compulsory on 25th May 2018. Brexit will not affect the requirement to comply and it will be incorporated into English Law in due course. It’s designed to:
If you run a business of any kind and you deal with EU citizens’ personal data, the new rules will apply to you and there are some pretty stiff penalties for non-compliance. Here is a link to the Information Commissioner’s Office guide to GDPR.
Most businesses collect, store and use personal data from prospects, customers, employees and others. GDPR compliance applies to every business. Even if you only store that information in paper files. So you should assume that your business comes under the auspices of GDPR. The new rules mean you will have to abide by protocols for:
You are likely to need to look at your business from a variety of perspectives. Of course, every business will have a different starting point.
However, for most of our clients, we believe that the job of becoming compliant will typically need the following work, with the amount of effort in proportion to the size of the boxes shown on this page.
We’re not experts in the writing of policies and procedures, so we’ve teamed up with Certikit who are. Their toolkit contains most of the documentation that you need to become compliant and instructions on how to complete it. The toolkit has a Gap Assessment Tool which will point to activity that is required, so we would recommend that’s where you start. We think the Certikit is the best on the market and at £395 plus VAT, we believe it’s the most cost effective way to get you on your way to compliance. Go to this link to find out more.
If you use our code at checkout for the Certikit GDPR toolkit, we will give you a 5% discount on the toolkit PLUS provide you with an additional one hour telephone consultation covering the IT aspects of your project. Please contact us for the code.
Of course, we can also help if you’ve chosen another route to develop your policies and procedures and want some advice on the IT front. Again, just get in touch, 0333 101 7313.