May 2018 is a big month: two bank holidays and, hopefully, some sunshine to go with them, a Royal Wedding and, most importantly for all businesses, the new General Data Protection Regulations (GDPR), which come into force on 25th May, just one month away now.
What is GDPR?
GDPR is a piece of European legislation, but it will be adopted into UK Law once we leave the EU, and it applies to everyone, no matter how big or small your business, and there are no exemptions.
Under GDPR there are greater fines, up to an eye-watering €20 million or 4% of turnover (whichever is the higher), and individuals can claim compensation for financial loss and for distress. Whilst GDPR comes into effect immediately for everyone, it is hoped that the Information Commissioner’s Office (ICO) will encourage organisations to address issues, rather than immediately reaching for the handcuffs! But it is likely that they will be tougher on those who have done nothing!
GDPR has been designed to address the modern world of data and how we use it. It affects all areas of your business that process personal data, so that’s your customers, suppliers, website users and your employees, contractors, consultants and temporary workers too.
With much bad press of late about data misuse in businesses such as Cambridge Analytica, Morrisons supermarkets and Yahoo, getting it right is critical because, apart from the fines, reputational damage to your business can be a very real hazard.
Here's what you need to do
So, if you haven’t already got everything ship shape, or are not confident that what you have is correct, here’s a quick list of what you need to do in the next month to be ready:
1. Start with an audit of your data – what do you hold? How do you get it? Why do you hold it and for how long? How do you hold it? What procedures do you have to monitor data? How do you get rid of it and who is responsible and looks after everything?
2. Become familiar with the new GDPR rules, be informed, assess your risk and exposure so you can do something about it.
3. Consider how you can show you are compliant with GDPR, such as:
There is much more to GDPR than this simple list. If you need help, advice or assistance, or simply a health check, please do get in touch. We have experts who can get it right for you, so there are no unexpected trip wires to fall over!!
About Nicky Machin, Puffin HR Ltd...
With 25 years' management experience, a Master’s degree in employment law and a fellowship from the CIPD, Nicky is proud to deliver excellence and expertise in the employment and management of people. Her extensive experience is enhanced by her approachability, clarity, cultural awareness and hands-on delivery of ‘do how’ as well as ‘know how’.
A true HR professional with over 28 years' industry experience, and a refreshing attitude to my industry that might surprise you!