“People to have more control over their personal data and be better protected in the digital age” under new measures announced by Digital Minister Matt Hancock.
You would have to be from another planet not to have at least heard the phrase GDPR (General Data Protection Regulation). But what is it and how does it affect you?
We’re all busy so, using the government guidelines, we have put together the bare bones of GDPR and what you need to have in place to ensure you don’t fall foul of the new laws, as fines for non-compliance can be as high as €20M or 4% of annual revenue. GDPR is also still relevant despite Brexit: it is a UK government-backed regulation, and compliance is vital if your business works outside of the UK. Laws aside, GDPR makes for excellent business practice.
Where is your company’s data?
Understand what data you store and where it is located. This extends to any contact information you hold on anyone, anywhere in your business, from central servers to databases on individual computers.
Make sure the data you hold is compliant
This means making sure that the data you hold falls within all of the government guidelines for GDPR and data collection, and also that you have gained permission to keep this information. Permission must have come directly from everyone on any list you maintain.
Secure your data
It is vital that you have taken steps to prevent the data being breached, lost or damaged. This is probably one of the most important areas of GDPR and is intended to prevent the careless leakage of people’s personal information.
Show accountability
As part of a GDPR check, you will need to show how you manage your data with all of the relevant audit trails and monitors in place.
As we said at the start, this all makes for excellent business practice, and it’s something we’ve built into docSAFE with layers of security and a deep understanding of how it needs to work to show your company is compliant and, just as importantly, professional and efficient. Talk to us and we can steer you through the challenges of GDPR.