Are You Ready for the New Data Protection Laws?
As you may or may not be aware, in June of last year, the EU passed a new data protection law (GDPR) which comes into effect on 25th May 2018. This will have a big influence on the way in which every UK business manages its data.
As I’m sure you’re wondering, yes, this will still apply even if the UK leaves the EU: any business that processes personal data from EU citizens will need to comply with GDPR.
So what exactly is this new law?
It’s called GDPR (General Data Protection Regulation), and the main purpose of its introduction is to give people much more control over their personal data.
It will do this by giving people the ability to easily find out what information businesses hold on them, why they are holding it and how they are using it, and to decide whether they want it edited, challenged, ported (transferred) or purged (deleted).
In conjunction with giving this power to people, the new law will also include a more severe punishment for businesses that suffer data breaches, with a fine of up to 20 million or 4% of annual turnover now being deemed acceptable.
How can I prepare?
Lots of changes to consider then; changes which I’m sure will have left any business owner reading this wondering what they need to do in order to abide by the new regulations. Well, a good place to start is by thinking about what types of data you hold, why you hold it, and whether it will be acceptable to do so once the changes come into effect.
It’s always a good idea to be proactive when it comes to making changes to your data protection policies. As well as avoiding rushing around at a later date, you will also get the added bonus of gaining trust and credibility with your customers because they will see you’re trying to protect their data and handle it securely and within the law.