The countdown is on to General Data Protection Regulation (GDPR).
The countdown is on to General Data Protection Regulation (GDPR) compliance. You have just over 8 months to get your business ready – RedBrick IT are already helping other customers and can help your organisation prepare too.
What is GDPR?
GDPR is the Data Protection Act re-written as a result of the huge change in the digital nature of our lives since this act was written in 1998.
The new legislation will be enforced on all UK organisations that hold personal data on EU residents from 25th May 2018.
It gives people more say over what companies can do with their personal data.
It will unify data protection rules across the EU.
“Introduced to keep pace with the modern digital landscape, the GDPR is more extensive in scope and application than the current Data Protection Act (DPA). The Regulation extends the data rights of individuals, and requires organisations to develop clear policies and procedures to protect personal data, and adopt appropriate technical and organisational measures.” IT Governance
How does it affect my business?
The regulation requires organisations to develop clear policies and procedures to protect personal data. Any breaches are subject to hefty fines.
Some firms will need to appoint a designated data protection officer, largely this affects businesses with over 250 employees. This person needs to have expert level knowledge of data protection laws.
Breaches to data protection must be reported to your data protection authority within 72 hours of the breach.
Companies should endeavour to reduce the amount of personal data they store and ensure it is not stored for longer than necessary.
You will need to document what personal data you hold, where it came from and who you share it with.
Companies also need to manage the process used gain consent to store personal data.
You will need to raise awareness within your business and communicate the impact it will have on their day to day processes and ensure all employees are fully trained on the required changes.