Does GDPR Impact Your Business?
The General Data Protection Regulation (GDPR) is now here – impacting businesses globally.
The GDPR (General Data Protection Regulation) came into effect on the 25th May 2018 and for the last 2 years+ there has been a lot of talk about it in the media. It would have been hard to miss it – even if you are outside of the EU.
There was so much emphasis on the deadline and a lot of scare tactics too (it is true that non-compliant businesses could receive a fine of up to 4% of annual turnover). Now that the GDPR is here there are no more deadlines and if your business processes personal data (of people in the EU) you’ll need to ensure you have everything in place TODAY. GDPR does however introduce lots of opportunity too.
What is the GDPR? (Recap)
The General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679) is a regulation by which the European Parliament, the Council of the European Union and the European Commission intend to strengthen and unify data protection for all individuals within the European Union (EU).
The GDPR came into effect on the 25h May 2018.
Will the GDPR affect my business?
If you hold and process personal information about your clients, employees or suppliers that are based in the EU, you are legally obliged to protect that information. It doesn’t matter if your business is based in the USA or anywhere outside the EU, GDPR will still apply.
How will GDPR affect my business?
With personal and sensitive data you must:
- Only collect information that you need for a specific purpose;
- Keep it secure;
- Ensure it is relevant and up to date;
- Only hold as much as you need, and only for as long as you need it; and
- Allow the subject of the information to see it on request.
What do I need to do to become GDPR compliant?
Keith Budden, our GDPR Consultant recommends a number of things you need to do to become GDPR compliant:
- Map your business’s data. What personal data do you have? Who has access to it? Where is it stored?
- Determine what data you need to keep. Only keep data that you need to keep.
- Put security measures in place. Does your website have a SSL certificate? Is your data encrypted?
- Establish procedures for handling personal data. Everything from collecting, storage, rectification and removals.
What happens after everything is in place?
GDPR Compliance is not a one off activity. Once all the above is in place it will be important to ensure they are enforced and kept up to date.
If you have any questions about GDPR, feel free to email us on firstname.lastname@example.org
He has worked with over 80 clients including British Airways, the Metropolitan Police, the Ministry of Defence and the Serious Organised Crime Agency (SOCA). Keith also has a number of high profile roles including being a board member of an NHS Clinical Commissioning Group.
There are few professionals with his length and depth of experience, and now offer this experience to the business world to help them implement GDPR.
Become GDPR Compliant Quickly with the GDPR Tracker
The GDPR tracker is an online tool that will guide you around the items that need to be considered under the new General Data Protection Regulations which came into effect in May 2018.
The Tracker will advise you on exactly what you need to do to become compliant and stay compliant too.
Once inside you’ll see that the system is straightforward. All aspects of GDPR get covered and split into sections. You work through each of the sections, answering questions about your business.
Progress gets tracked so you know how much more you need to work through before you are compliant.
Details about the actual regulations are right there in the system. No going back and forwards to many websites to find a part of the policy.
At the end you can download everything to a PDF document which can be shared with anyone who needs to see how you comply (e.g. customers, regulators).
You will get everything you need to get GDPR compliant:
When you buy the GDPR Tracker you’ll also get access to a private support group on Facebook with GDPR consultants on hand to answer all your questions.
That service alone is worth more than the price of the software (See below).
The GDPR Tracker will get you GDPR compliant:
And you will avoid the huge fines for non compliance and keep your business running smoothly.
Become GDPR Compliant Today
If you were to go out and put this package together for yourself it would cost well over $1,000 (without even thinking about developing the software).
All the policy documents would cost in excess of $900 and GDPR consultants charge more than $150 per hour.
By using the GDPR Tracker to become compliant you’ll save hours (You know your business better than anyone else) and save a small fortune if you were to use a GDPR consultancy to do it for you.
Now that GDPR is here…
- Fines of up to 4% of global annual turnover or 20 million Euros – which ever is greater will come into affect.
- Individuals will have right to request what data is held about them, which needs to provided to them within 30 days.
- Marketing will be difficult if you don’t have explicit consent – leaving you wide open to be reported to the ICO.
- All breaches will need to be notified to the ICO within 72 hours and recorded.
Frequently Asked Questions
Once you have the key processes and procedures in place these will need to be maintained as and when your organisation changes and especially when you’re data requirements change too.
Data subjects will have the right to access their data.
As you introduce new systems and suppliers – Privacy Impact Assessments will need to be carried out.
If your organisation is investigated or breached – you’ll have all your information in relation to the GDPR via the GDPR Tracker for easy of use in a single report.
They have worked with over 80 clients including British Airways, the Metropolitan Police, the Ministry of Defence and the Serious Organised Crime Agency (SOCA) – including international clients too.
After that there is a 30 day notice to cancel monthly accounts.
For the yearly offer the account will be cancelled after 12 months has passed.