With the General Data Protection Regulation (GDPR) on the horizon, are you ready for the biggest overhaul in data protection rules for over 20 years?
In May 2018 the General Data Protection Regulation (GDPR) will bring changes to the rules that govern the way your organisation handles data, carrying fines of up to 4% of global turnover or €20 million, whichever is higher, for businesses that do not comply. The European privacy regulators have made it very clear they intend to use their new powers, and it is important to remember these laws will still apply to UK businesses even after leaving the EU.
The GDPR, though it will have its challenges, brings the opportunity for boards to design the right data privacy strategy which can lead to competitive advantages whilst ensuring compliance and avoiding nasty fines. Read our five steps on how to get GDPR ready (7 minute read).
• How complete is our understanding of the requirements of the GDPR?
• To what extent have we mapped out all the processes (both IT systems and manual) that involve personal information and how complete is our personal information inventory?
• How can we better manage risk? What information do we hold, where do we store it and who is responsible for it?
• How can we ensure that our suppliers/partners are compliant?
• Once our data is in order, consider implementing a training scheme so all staff are aware of GDPR and how they can comply with the new rules.
It’s important to remember that in a post-GDPR world, customers will understand what you’re doing with their personal information and, more importantly, whether you’ve gained their consent to use it. Once you have gained consent, your teams will be empowered to harness the insights that this data demonstrates and you’ll be in a stronger position to develop tailored products and services for your customers, without being perceived as intrusive.