There can’t be many businesses unaware of the upcoming introduction of the GDPR (General Data Protection Regulation) – but not all are aware of how this will actually affect their business.
The GDPR is the EU’s revised and updated approach to data protection, applying to every organisation that handles data relating to any living person in Europe.
And before you ask – even Brexit hasn’t changed the need to comply!
The handling of data has changed greatly in the past few years, with businesses storing, sharing and manipulating more than ever before. Previous data protection laws had little impact or repercussions, with B2B largely excluded. Websites have offered ‘soft opt-ins’, and email addresses have been collected for mail shots simply until a customer requests that they stop.
The EU have identified that companies need to become more careful when handling and storing data – reinforced by recent big, high-profile data security failures and breaches of trust. Therefore, all will have to comply with the new regulations when collecting, storing and using personal information.
You have until 25th May 2018 to make sure that your business complies with the new guidelines, demonstrates consent to process data and proves that steps have been taken to implement GDPR principles – or face fines.
The new regulations are built on 6 principles:
Legality – Data collation should adhere to lawfulness, fairness and transparency towards individuals.
Purpose Limitation – Data should be held for specified, explicit and legitimate purposes and not further processed for additional reasons.
Data Minimisation – Stored data should be identified as adequate, relevant and limited to what is necessary.
Accuracy – Data should be accurate, with the right to correction without delay – all data should be kept up to date.
Storage Limitation – Data should be stored for no longer than is necessary for the purposes for which it is processed; personal data may be stored for longer periods insofar as the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes subject to implementation of the appropriate technical
Security – Collated data should be protected and stored with integrity and confidentiality.
Do you even know what data your company is storing and how it is collated? What is it used for? Do you know where and how this data is backed up? How will you deal with any data losses as you transfer over to meet the new guidelines? Don’t panic!
We can help!
We can help you to identify your current collation procedures and make sure they will meet the upcoming changes. Where they don’t, we can help you put best practices in place and seamlessly move your data to the correct storage medium with minimal loss and disruption.