GDPR is Coming

There has been lots of hype about the EU General Data Protection Regulation (GDPR) coming through. With hefty fines for non-compliance, it is worth doing your homework and starting to prepare.

Why the Change?

The speed of change in technology is ridiculous: over 37 million people in the UK now have a smartphone, transferring vast amounts of data constantly. This means that the amount of data being held digitally has significantly increased. The Office for National Statistics announced the following for 2017:

  • Over 90% of homes have the internet – see figure 1
  • 77% of adults bought goods or services online
  • Daily internet usage has gone from 35% in 2006 to 80% in 2017

Figure 1: Households with internet, 1998 to 2017

The increase in digital data opens the flood gates for data to be misused. For example:

There are more and more software applications coming through that scrape personal data and use it for marketing purposes without permission from the individual. Some of the programming is meant to be helpful; for example, identifying what the shopper is looking for, bringing forward the best deals to help them grab a bargain. The problem is that the shopper may not have asked for that service. I know that I have been on web sites having a browse only to find my inbox jammed with special offers on items I have looked at, even though I haven’t given my email address anywhere.

To protect personal data the existing regulations are being tightened up and enforced to ensure companies act responsibly.

What is it?

  • GDPR is an evolution of existing data protection rules that enforces what businesses should have been doing.
  • It is focused more on data collection than data protection; it applies to both electronic and paper-based data.
  • It is equally applicable to both Business to Business (if you are emailing a specific person) and Business to Consumer companies.
  • There needs to be transparency on the data being collected; dataflow maps identifying where the data comes from, where it goes, why it is being used and when.
  • There needs to be documentation on the data being retained; what is being kept, why, where it is being kept and when it will be destroyed
  • The company will need to show how they have prepared for problems such as data breaches and disaster recovery

HSBC Seminar – GDPR and How to Maximise Profits

I have teamed up with HSBC to host a seminar that will go through:

What is GDPR and what you need to do in time for 25th May 2018
Learn the Profit Formula – L x C = CU x T (Per CU) x ASV = R x PM = Profit
A client of mine will go through how he used the profit formula to turn around his business

What types of privacy data does the GDPR protect?

  • Basic identity information such as name, address and ID numbers
  • Web data such as location, IP address, cookie data and RFID tags
  • Health and genetic data
  • Biometric data
  • Racial or ethnic data
  • Political opinions
  • Sexual orientation

How long will it take to get compliant?

  • The process for clarifying the way your company holds data will vary depending on how much client, prospect, employee and supplier data is being held.
  • The estimate is between 3 and 6 months
  • A Privacy Notice needs to be developed; this needs to be accepted by all parties a company is holding data for.
  • Acceptance of the privacy notice needs to be opted in to every 6 months. If there is no activity or silence, it is the responsibility of the company to follow it up, and the Information Commissioner’s Office will take this as non-compliance.

The Privacy Notice will include the following:

  • Website
  • Data Breach
  • Data Recovery
  • Email & Internet
  • Data Security
  • Suppliers
  • Prospects
  • Customers
  • Employees
  • Data Retention

What if I don’t comply?

  • The regulations come in on 25th May 2018
  • Non-compliance can be fined up to 20 million euros or 4% of turnover, whichever is greater
  • Demonstrable compliance will need to be shown – i.e. you have done everything reasonably possible to comply
  • The initial step would be an enforcement notice from the Information Commissioner’s Office, followed by fines

A good place to start is to minimise the data being kept; complete a data audit:

  • Get clear on all the personal data your company currently holds
  • How long you keep the data for
  • Where the data lives

Work out a simple way to communicate the process for collecting the data to all parties

As the GDPR regulations are 260 pages of text with 99 legal articles, it is sensible to get professional help. From the advice I have been given, the most important document is the Privacy Notice. The Privacy Notice outlines all your data collection processes and policies; it should be created specifically for your company – not copied from someone else.

This short blog is only a brief overview of GDPR. I hope it has been useful. Please make sure your company takes time to look at

© 2019 IQ4Business