Deborah Turner: Are you ready for GDPR?

by Deborah Turner, FSB Kent area leader

It’s been a bumpy first quarter of 2018 already, with the Carillion collapse, BBC broadcasters resigning over equal pay and Brexit negotiations continuing to dominate the headlines.

That is all without looking up to see what is on the horizon – and it doesn’t begin with B.

The thing I hear about consistently begins with G.

Is your firm storing data in a way which complies with new European regulations coming into force in May?
Is your firm storing data in a way which complies with new European regulations coming into force in May?

The sentence is usually along the lines of "are you ready for GPDR?"

Understanding the impact of GDPR - the new European data protection rules coming into force in May - seems like a big task to some smaller businesses.

This is especially because of the global scale of the new regulations.

If you run a business, you are more than likely dealing with some sort of personal data.

The way you need to handle this data is changing. These new regulations will affect businesses of every size and sector.

New powers could mean fines of £17 million or up to 4% of global turnover, whichever is higher.

This can be levied on non-compliant organisations, so we’re encouraging all smaller businesses, and our members, to be prepared.

One of the most important things you should keep in mind when preparing for GDPR is that you still have to adhere to the same ‘eight rights’ that apply to large businesses too.

This includes the right for consumers to have access to the data you hold on them and the right for them to object to the way you make use of their data.

The main difference will probably be how much you have to do to provide these rights.

A small business, for instance, will generally handle a far smaller volume of data than a large business.

Even though the volume may be less, firms still need to have the necessary procedures in place to be able to protect individuals’ data and deal with their request.

Some of us will have to make some changes to the way we operate. It might be adding more detail to a privacy policy to make it clear that the individual has the right to withdraw their consent to your processing of their data.

With the high potential penalties, ensuring your business becomes compliant and remains compliant is vital.

GDPR could affect your business in different ways, from taking on responsibilities to giving your customers new rights, to the time and costs needed to make changes to your company.

It might be a good idea to use a third-party expert to help do the work for you.

Good luck with all the preparations.

Close This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies.Learn More