The European General Data Protection Regulation has been described as the biggest change to data protection law in Europe since the 1995 Data Protection Directive. That makes it particularly important to understand what the regulation requires and what it means for how you manage and protect personal data.
The EU General Data Protection Regulation (GDPR) was adopted on 27 April 2016 and, after a two-year transition period, becomes fully applicable on 25 May 2018. Companies that are not compliant by that date face legal and financial penalties. Fines for the most serious breaches can be as high as 4% of a company's total worldwide annual turnover or €20 million, whichever is larger. The current maximum fine for a breach of the UK Data Protection Act is £500,000, so this is a considerable step up.
In simple terms, the GDPR is:
- A legal requirement for everyone who processes personal data, whether as a data controller or a data processor
- Directly enforceable in every EU member state, without needing separate national legislation
- Applicable to any company that handles the personal data of individuals in the EU
- Applicable regardless of where the company is based, so businesses outside the EU must also comply if they process the personal data of individuals in the EU
What do you need to do to comply with the GDPR?
Keep the following points in mind to ensure your company complies with the GDPR by May 2018:
Raise Awareness
You need to be sure that all key leaders and decision makers in your company are aware of the law change and understand how deeply it will affect the business.
Document the Data You Hold
You need to keep full, properly documented records of the personal data you hold: what it is, where it came from, why you process it and who it is shared with. A full information audit across the business is the most reliable way to establish this.
Review Privacy Information
You should carry out a full review of your privacy policies and privacy notices. Put a plan in place so that any changes needed are made in time for the GDPR taking effect.
Individuals' Rights
Check your procedures against the rights of every individual whose data you hold or may hold, including the right to access their data, to have it corrected or deleted, and to have it transferred to another provider. Ensure you have proper, tested procedures for data deletion and data sharing, and that you can act on a request within the required timescale.
Keep it Simple
All documentation and policies you have in place may need to be rewritten to comply, as the GDPR requires that information given to individuals about how their data is used be concise, transparent and written in clear and plain language.
How can Buy IT Back help you become GDPR compliant?
This may sound like a drawn-out process, but with as much as 4% of your global turnover at stake if you do not comply with the new legislation, it is not one to put off. For more information on how Buy IT Back can help you become GDPR compliant, please call us directly on 01621 786860 for free advice.