General Data Protection Regulation, or GDPR, have overhauled how businesses process and handle data. Our need-to-know GDPR guide explains what the changes mean for you.
What is GDPR and why is everyone talking about it?
The General Data Protection Regulation (GDPR), are rules designed to address the collection, storage and use of personal data. Enforcement became effective from the 25th of May 2018.
What does this mean for my small business?
Your business is required to comply with new regulations regarding the secure collection, storage and usage of personal information. Fines will be charged to businesses that fail to comply. Depending on how you currently collect or process personal data and the size of your business the impact of GDPR on your business will vary.
How can I start to ensure that I comply with GDPR?
We recommend that you seek specialist advice to assist you with the following:
- Ensuring that you are transparent around why data is collected and how it is used.
- Reviewing what data you hold, where it is currently stored and who has access to it.
- Reviewing your privacy and consent statements and policies.
- Knowing when you should report a data breach and who it should be reported to.
- Having the ability to delete data or correct/update information.
- Having a process in place for when an individual decides to exercise their right to see the data you hold on them.
Where can I get further help?
The Information Commissioner's Office (ICO) website provides access to:
- A small business helpline