The clock is ticking. Are you ready for GDPR?
GDPR comes into force on 25 May 2018 so it’s not far away. However, becoming GDPR compliant is not the end of the story. As each business evolves it will need to regularly monitor its compliance to make sure it continues to meet its legal obligations.
With the deadline approaching you should by now have taken steps to review, and where necessary, upgrade your existing data protection policies, procedures and processes.
By now many of you will have carried out a data privacy audit and prepared a compliance programme based on your gap analysis. Your audit should have enabled you to identify the personal data you collect and how it is used, shared, stored, amended and deleted.
Having reviewed a number of audits there are some key issues that every business should have in mind. These are as follows:
If it helps, we have designed a GDPR Data Health Check Questionnaire which will help you through the questions listed above and many others. From this you should be able to design a compliance programme that meets the needs of your business; one size does not fit all. If you would like a free copy of our questionnaire please email Noel Ruddy.
It’s also worth bearing in mind the new Data Protection Bill, which is currently making its way through Parliament. The Bill will ultimately replace GDPR (as well as making further changes and additions). The date it will come into effect has not yet been confirmed. We will have fun working out when it will apply when we leave the EU!
On a final note, the ICO annual fee is changing with effect from 25 May 2018. From that date there are tiers which determine the fee in terms of turnover or staff, whichever is higher. If you fail to pay the correct fee it can result in a minimum penalty being incurred of £4,350. There could also be other adverse repercussions too!
If you wish to discuss any privacy aspect please feel free to contact any of our GDPR team who will be able to assist and guide you.
The content of this webpage is for information only and is not intended to be construed as legal advice and should not be treated as a substitute for specific advice. PDT Solicitors LLP accepts no responsibility for the content of any third party website to which this webpage refers.