What is the GDPR?
It stands for the General Data Protection Regulation. By 25 May 2018, all organisations (that use personal information) will have to become compliant with the regulation, which will bring substantial changes to Europe’s privacy laws. For example:
- Individuals (or data subjects) have significant new rights, such as the right to be forgotten.
- Consent will be harder to obtain and can be withdrawn at any time.
- Organisations will become responsible for data security, and must report breaches.
- Privacy notices will need to contain specific disclosures.
- Transfers of data to organisation’s outside of the EU will incur specific requirements.
- The new regulation will apply to organisations outside the EU who collect and process personal data from within the EU.
- Authorities will be able to issue fines up to 4% of annual worldwide turnover or €20m (whichever is the greater) for non-compliance, albeit as a last resort.
This is something that cannot be ignored – no business is too small that they don’t need to be compliant (see Why get GDPR compliant). The Information Commissioner’s Office (ICO) promises to use their new powers to enforce the regulation. Even after Brexit, UK companies will still be subject to the regulation as soon after the referendum the government confirmed that the UK would still sign-up to the GDPR.
Days remaining until GDPR D-Day
MERSEYSIDEDIGITAL is always looking for ways to help people and organisations develop and thrive through innovative support programmes and we can help you get your business GDPR compliant and, more importantly, remain compliant, via a comprehensive but user-friendly online system to get you up and running with an ongoing documented compliance process, along with optional services such as consultancy, onboarding and training.
If you are interested in finding out more about how your business will be affected by GDPR and for more information about the online service, please enquire here. You will also receive a complimentary copy of the 88 page EU regulation 2016/679 document along with a list of definitions used in the document.
GDPR enquiry form
Why get GDPR compliant?
The new regulation is going to happen – that is something that businesses will be unable to avoid. Although the aim of the new rulings is greater transparency, enhanced rights for citizens and increased accountability rather than onerous new business procedures, there is no avoiding the fact that the new regulation will have an important impact on all businesses. As usual with such far-reaching changes, there are some myths circulating which need to be viewed with healthy skepticism but there can be no doubt that GDPR needs to be addressed more as an evolution in data protection, not a burdensome revolution.
As reporting of data protection, data breaches and hacking become more high profile news items, there can be no denying that the public (i.e. your customers) are becoming more aware (or perhaps even wary) of the issues around their personal information and how it is used. Being able to prove that you are taking serious steps towards protecting their data and minimising the risk of misuse can only enhance your business reputation. There has already been a high-profile case where the ICO has had to impose their maximum £500,000 fine and there can be no doubt about the damage inflicted. Why take the risk of impaired brand reputation when the costs involved can be significantly reduced by a cloud-based service in order to help build trust against misuse.
Online GDPR service
This cloud based service is geared towards small to medium sized businesses, who want a fast track way to becoming compliant and remaining compliant. It gives you all the tools you need to protect your business by helping you improve how you handle personal data, be it your employees, customers, partners or suppliers. Starting with a “setup wizard” (Business Interview) you will be able to get your GDPR journey up and running in no time at all. Registering with the service, you will have the option to go down the “DIY” route or request a helping hand from a MERSEYSIDEDIGITAL consultant for onboarding, training and more.