GDPR Compliance: What you need to know
What is GDPR?
GDPR (General Data Protection Regulation) is new government legislation which will be enforced from March 2018. It is a strict code of compliance for all data held by organisations with regard to individuals’ information throughout the European Community.
Although the UK is leaving the EU, this legislation is currently active, but not enforced yet, and will still come into enforcement whatever the outcome of Brexit.
How does GDPR affect you?
As a business, you will have to ensure strict data compliance in the way you store customers’ records, the period of time you keep these records, the manner in which you back these up and how the information is stored in your databases. Furthermore, all data transfer and communications have to be encrypted. You will have to assign a Compliance Officer with a strong knowledge of GDPR; this is not just a tick-box exercise!
The Compliance Officer has to report a data breach within 72 hours, preferably within 24 hours. You must ensure that GDPR compliance is strictly adhered to.
What are the penalties?
The penalties for non-compliance are heavy; they may even lead to SMEs going out of business, or at least to a permanent loss of faith in your brand and service or product.
- A warning in writing in cases of first and non-intentional non-compliance (only if it can be shown that an attempt was made to meet GDPR compliance)
- A fine of up to 10,000 Euro or 2% of annual turnover for
- Then a fine of twice as much in every subsequent year for lack of compliance
How can we help?
We are GDPR and Cyber Security Experts. We have worked with many SMEs to examine their networks, to check their existing systems for security breaches, and to implement ongoing GDPR compliance. This is not just a tick list, but real implementation of the information requirements, both technologically and with staff training. We also assist with communicating with any third parties that you store data with, to ensure that they are GDPR compliant or to recommend another third party.
Contact us today for further information on how we can assist you in meeting these obligations ahead of the March deadline.
You can view our detailed service at Wimbledon IT’s GDPR Toolkit