Can your business afford a £16 million fine?
Have you heard about GDPR?
GDPR (General Data Protection Regulation) is new legislation governing how businesses handle data. It will come into effect on 25th May 2018. Failure to comply with this legislation could see your business hit with a fine of £16 million or 4% of the company profit.
How does it affect me?
If you hold sensitive data or data about your customers, you will need to comply with this legislation or face the fines. In addition to the fines, there are clauses that allow the affected parties to take legal action.
So if you lose someone’s data, you will also be liable for compensation to the individuals whose data you have lost.
How to prepare for GDPR?
- Read the regulations: You will need to familiarise yourself with the new regulations. You may need to appoint a data protection officer, and if you do suffer a breach you will need to let all affected parties know within 72 hours.
- Write policies: You will need policies to say how you handle data, who has access to the data, where you got the data from and what you will do in the event of a data breach. You will need to make sure that you can prove that all staff have read, understood and comply with these policies. Finally, you will have to review them regularly and make sure that they reflect any changes in the business and the way the business obtains and handles data.
- Tighten security: You will need to make sure that you have taken all possible precautions to secure data. Install anti-virus, put network traffic management and monitoring in place, use strong passwords and make sure that your physical security is up to scratch (these are just some small steps on the road to GDPR readiness).
- Consider what data you hold: Some of the new rules focus on the rights of the individual or consumer. You will need explicit consent to hold their data and to use their data.