How do you prepare for GDPR?

With only six months to go before new GDPR rules come into force, it’s Stored data imperative you understand the implications for your business and begin to prepare.

The GDPR is EU legislation which has been driven by the new ways in which data is now collected and used. It aims to unify data regulation throughout Europe and give us all more control over what companies can do with our data.

“This means you need to review what information you store, how you store it and who has access to it, as well as processes and procedures for information retrieval and management. Your IT systems need to support your business processes, otherwise you could fall foul of the regulations and face severe penalties.” Steve Birks, MD

One particularly important aspect of GDPR relates to individuals’ rights. For example, your organisation will need to have robust procedures in place to delete or amend personal data or to provide data electronically upon request. This will be onerous for small businesses, but for businesses with data on 100+ individuals, the issue will require serious thought and consideration.

What are individuals’ rights in relation to GDPR? 

Individuals’ rights under GDPR include:

the right to be informed –this deals with how transparent you are with the use personal data

the right of access – customers will need to have access to the personal data you hold about them

the right to rectification – people can have personal data rectified if it is inaccurate or incomplete. If you have passed information to other organisations you will need to inform them of the need to rectify any inaccuracies

the right to erasure – also known as the right to be forgotten, this enables an individual to request the removal of personal data where there is no compelling reason for your organisation to continue using it

the right to restrict processing – an individual will have the right to restrict the processing of personal data which would mean you could store it but not further process it

the right to data portability – this allows individuals to obtain and reuse their personal data for their own purposes across different services

The above is not an exhaustive list – there are other compliance aspects you will need to address through your business administration functions, your business processes and your IT. From data collection and management through to access, security and retrieval, your IT systems will play a crucial role in helping you to comply with GDPR. Without the right IT support, you could fall foul of the regulations, or find compliance particularly burdensome.

It’s a good idea to start a thorough audit so you know what you need to do before the laws come into force in May next year. Look out for our GDPR Checklist coming soon.

Getting help

Our specialist team can help you to conduct an initial audit and set up your IT systems and processes to support GDPR compliance. Please get in touch to discuss GDPR and its impact on your business in more detail.

Tags: , , , ,