The General Data Protection Regulation (GDPR) comes into force on 25 May 2018. This will mean changes to the way that your business uses and stores data. It will:
- Impact the way you can collect, use and retain data
- Increase the amount of resources you must allocate to data protection
- Require employees to undertake a proportionate level of cybersecurity training
- Affect the manner in which you use electronic communications
What is GDPR?
GDPR is the new legal framework for all EU member states. It will replace the existing UK Data Protection Act (DPA) with tighter laws and tougher penalties for organisations that fail to comply. Even though the UK is due to leave the EU in 2019, GDPR will continue to apply afterwards, as it relates to any data held in respect of any EU citizen.
How is it different?
There is a greater emphasis on businesses justifying why they have information and how they use it. You will need processes and procedures around data collection, retention and destruction. You should only hold and use data for legitimate purposes.
Why does GDPR matter?
The penalties for non-compliance are tough. Really tough. Fines can be up to four per cent of global turnover, or €20 million, whichever is higher. The fines will be used to “encourage businesses” to take data privacy seriously.
How can Fiander Tovell help?
We have produced a helpful GDPR Guide which is FREE to download here.
Don’t panic, but don’t ignore. GDPR isn’t going to stop you dealing with customers, suppliers, employees etc. but it may well require you to deal with them differently.
We will be happy to discuss this with you further and assist you in getting on the right track. The specific needs of each business will be different, and your required actions will be proportionate to the level of data you hold.
To find out how we can help you, please contact us today.