GDPR Don’t Panic, Just Prepare

On Monday I shall be at the GDPR Summit in London, helping DBR Data to support SMBs and SMEs to get GDPR compliant with the help of GDPR Mentor software. They have until May 25th and whilst there is no reason to be scared, there is every reason to make sure you are compliant. Thankfully, the days of data mis-using or abusing data should disappear, but it won’t happen overnight.

GDPR Compliance Sign May 25th 2018 Small Business Support My Words Work For You

Ready?

GDPR in a Nutshell

As I have said in a previous post, it is all about transparency but that starts with awareness. Companies have got to know, and be able to account for, every movement of data that occurs, with both electronic and physical data. If there is a data breach, they have just 72 hours to provide a report about what has happened and how. If your company had a breach of data on a Friday, would you be able to report on it by the following Monday?

1st Step: Awareness

The first step to compliance is awareness. Are you aware of:

  • What information you store
  • If any of the data is ‘sensitive’
  • Why you are storing it
  • Where and how you are storing it
  • How you use it
  • How long it is stored for
  • Who has access to it
  • How it is being transferred, when, and why

Why Are You Holding The Data?

Ask yourself:

  • Is there a legitimate interest? I.e. In order to perform a service e.g. ‘It is time for your dog’s booster’
  • Do you intend to use the data for marketing? E.g. To send out emails telling them about other products/services.

If your intention is to use it for marketing purposes you must be compliant with ePrivacy Regulation (currently known as PECR).

GDPR – a Chance to Tidy Up

This sounds like a massive chore but on the plus side, think of it as a chance to streamline your processes, reduce costs, clear out unnecessary/unused data and introduce a more structured, manageable system. Added to that, you are reducing the risk of hefty fines by gaining compliance.

GDPR Next Steps

  1. The first step is to create a privacy notice on your website. This is your chance to be open and transparent, tell people what you are holding and why, how it is held and what you intend to do with it. DBR Data offer a free Privacy Policy generation tool.
  2. The time-consuming part is yet to come, you need to make yourself fully aware of your data systems and of any data transfers that happen within your organisation, you must now be able to account for it. Software is available to make this process comprehensive and straightforward.
  3. Contact every individual making them aware of your Privacy Policy and crucially, giving them the option to withdraw their data.

Your data subjects have rights over their data management including the ‘Right to Erasure’.  For a complete summary, the ICO have produced a ‘12 Steps to Take Now‘ guide.

GDPR Make it Happen

If you have been ignoring GDPR and hoping it won’t affect you, now is the time to look it in the eyes, grab it by the horns and steer it the way it has to go. There are benefits to be had for businesses as well as consumers.

Providing Small Business Support makes me happy, have a look around my Blog.

 

About Nicola Dunklin

Experienced and proficient content writer with a proven track record of success.
This entry was posted in Small Business Support and tagged , , , , , , . Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.