GDPR… HERE COMES TROUBLE!
Is it a bird? Is it a plane? No, it’s the biggest shake up of data protection laws this century but the good news is, you don’t have to be a superhero to comply.
25th May 2018 is a key date for your diary. If you are in business or work for a large organisation, then write this down. Save the date and mark a big red circle or X on your calendar.
This is huge! You see from 25th May, the new General Data Protection Rules come into force which deliver a whole set of new rights and protections for consumers’ data.
In addition, there are key responsibilities on organisations to ensure they conform with the new data processing law – and with fines of up to €20 million it could cost you big time.
Also be warned! There are people out there actively waiting for your organisation to slip up. Please don’t let that be you!
So why all the fuss, what’s GDPR all about?
Data. Personal data. In our modern, digital work data is key. Just think how much personal data your organisation holds on any one person, or on any one family. Chances are there will be multiple sets of data probably on multiple systems.
Under the “old “ rules this was fine. As long as the data was secure and used in a responsible way, then the organisation complied with the Data Protection laws.
However, with GDPR that changes. Now organisations have to show they have CONSENT from people to hold their personal data. This in itself is a major shift. Think about it, when did your business or organisation last get consent to use a person’s data. Did you even ask?
Also, think about the systems and copies of data that exist in your organisation. Has the data been transferred from one system on to another? Is it up to date – when was it last checked. These are key questions – all of which will be asked as a result of GDPR.
Looking at the new law, the key provisions are that people’s data must be:
- Processed in a lawful and transparent way
- Collected for an agreed and explicit use
- Relevant and limited to carrying out such a use
- Accurate and up to date
- Time limited to the amount of time needed for the agreed use
- Securely stored and processed – to avoid loss or breach of data.
Underpinning all this is the presumption of CONSENT. That you have the person’s permission to use their data and that you are using it for the purpose that they gave consent for.
So what to do? If you don’t have super powers how can you possibly comply with such big changes in such a short time!
The best advice is to make a plan. Someone within the organisation needs to take responsibility – indeed GDPR makes it a requirement to have a in place a Data Protection Officer whose responsibility it is to oversee compliance with the GDPR rules.
As part of the plan, a data audit needs to be undertaken. To actually find out:
- the amount and scope of personal data held by the organisation
- what the data was collected for
- whether the data is still being used and used correctly
- was consent given and
- whether the data is being held securely and has been kept up to date
It’s about “getting your house in order” and being sure you are in control of your data… so that it’s not in control of you!
Clearly, bringing your data together into one system. A system that was safe, secure, easy to use and keep up to date would be of massive benefit to your organisation.
Just think of the stress and hassle you would save. Not to mention the time in updating and checking, various multiple systems.
With the potential for a legal and logistical minefield, it’s critical that your organisation gets ahead of the game. To make sure your data is fit for purpose and fit to use.
That’s where we come in. At Web Labs, we are industry-leading experts in data and information systems. From customer relationship management to document handling and storage systems – we are serious about data.
Small enough to care and big enough to cope, we have a range of value for money and easy to implement software systems that take care of GDPR and much more.
We’ll help your organisation to be more efficient and more productive. Saving you time and money. As well as a potential multi-million pound fine and the huge cost to your reputation of falling foul of the new laws.
So talk to us and get GDPR ready!
Last updated: 03 March 2018