Less than 12 weeks to go – are you GDPR ready?!
What is it?
On 25 May 2018 the European General Data Protection Regulation (GDPR) will come into force across the EU. This means that the greatest shake-up of data protection laws in Europe will be applicable in the United Kingdom in a mere twelve weeks’ time. Don’t despair – there is still time left to prepare for the impact that the GDPR will have on your business or organisation. In this, the first of our twelve “final countdown” blog posts leading up to 25 May, we will provide some guidance on what practical steps you can take to ensure your business is GDPR compliant.
The first, and most important, step to GDPR compliance is awareness – despite all the media attention and early warnings issued about GDPR, there are still many organisations that are unaware of the change in the law. Those that are unaware may find it difficult to get senior management approval for the necessary changes. You need to act now!
Is your organisation ready for the GDPR? Here are some questions to test your organisation’s awareness levels:
- Have you heard about the GDPR?
If you have not heard about the GDPR, now is the time to engage with the subject. It’s not too late! The GDPR is a major piece of legislation which may leave some businesses confused and overwhelmed by the impact it may have. Discussing the GDPR and engaging key members of staff is a vital first step on the path to compliance.
If you are aware of the GDPR, it is vital that senior staff members and key decision makers within your organisation understand the impact GDPR will have on your business or organisation and have taken steps to identify risk areas and build a compliance programme suited to your needs. You can read the ICO’s Guide here: https://ico.org.uk/media/1624219/preparing-for-the-gdpr-12-steps.pdf
- What data does your business use?
Many organisations are not aware of what data they have, where it came from and whether they even still need it! In order to identify areas where your organisation may need to make changes to be compliant with the GDPR, you first need to know what data you have and whether your processing complies with the new GDPR standards.
Once you have identified potential compliance issues, you can start to make changes to those areas to ensure GDPR compliance.
- Do you have a dedicated compliance coordinator in place?
Perhaps put in place a small team to co-ordinate what needs to be done; if you don’t have capacity, consider employing external assistance to ensure that your GDPR compliance regime does not hinder business progress.
It is not too late to start preparing – don’t leave preparations to the last minute!
Our dedicated data protection team have advised many businesses in relation to their GDPR compliance programme and regularly assist clients in implementing documentation and policies aimed at GDPR compliance. If you would like any further information on GDPR compliance, please do not hesitate to contact our team.