What is the GDPR?
It stands for the General Data Protection Regulation. Since 25 May 2018, all organisations (that use personal information) have to be compliant with the regulation, which have brought substantial changes to Europe’s privacy laws. For example:
- Individuals (or data subjects) have significant new rights, such as the right to be forgotten.
- Consent is harder to obtain and can be withdrawn at any time.
- Organisations are responsible for data security, and must report breaches.
- Privacy notices need to contain specific disclosures.
- Transfers of data to organisation’s outside of the EU incur specific requirements.
- The new regulation applies to organisations outside the EU who collect and process personal data from within the EU.
- Authorities are able to issue fines up to 4% of annual worldwide turnover or €20m (whichever is the greater) for non-compliance, albeit as a last resort.
This is something that cannot be ignored – no business is too small that they don’t need to be compliant (see Why get GDPR compliant). The Information Commissioner’s Office (ICO) promises to use their new powers to enforce the regulation. Even after Brexit, UK companies will still be subject to the regulation as soon after the referendum the government confirmed that the UK would still sign-up to the GDPR.
MERSEYSIDEDIGITAL is always looking for ways to help people and organisations develop and thrive through innovative support programmes and we can help you get your business GDPR compliant and, more importantly, remain compliant, via a comprehensive but user-friendly online system to get you up and running with an ongoing documented compliance process, along with optional services such as consultancy, onboarding and training.
If you are interested in finding out more about how your business is affected by GDPR and for more information about the online service, please enquire here. You will also receive a complimentary copy of the 88 page EU regulation 2016/679 document along with a list of definitions used in the document.
GDPR enquiry form
Why get GDPR compliant?
The new regulation is in place – that is something that businesses are unable to avoid. Although the aim of the new rulings is greater transparency, enhanced rights for citizens and increased accountability rather than onerous new business procedures, there is no avoiding the fact that the new regulation has an important impact on all businesses. As usual with such far-reaching changes, there were some myths circulating which need to be viewed with healthy skepticism but there is no doubt that GDPR needs to be addressed more as an evolution in data protection, not a burdensome revolution.
As reporting of data protection, data breaches and hacking become more high profile news items, there can be no denying that the public (i.e. your customers) are becoming more aware (or perhaps even wary) of the issues around their personal information and how it is used. Being able to prove that you are taking serious steps towards protecting their data and minimising the risk of misuse can only enhance your business reputation. There has already been a high-profile case where the ICO has had to impose their maximum £500,000 fine and there can be no doubt about the damage inflicted. Why take the risk of impaired brand reputation when the costs involved can be significantly reduced by a cloud-based service in order to help build trust against misuse.
Online GDPR service
This cloud based service is geared towards small to medium sized businesses, who want a fast track way to becoming compliant and remaining compliant. It gives you all the tools you need to protect your business by helping you improve how you handle personal data, be it your employees, customers, partners or suppliers. Starting with a “setup wizard” (Business Interview) you will be able to get your GDPR journey up and running in no time at all. Registering with the service, you will have the option to go down the “DIY” route or request a helping hand from a MERSEYSIDEDIGITAL consultant for onboarding, training and more.