GDPR - basic information
We wrote about GDPR in our last newsletter and are doing so again, as it will have an impact on the majority of our clients and connections.
In order to maintain business links with EU countries, the UK will need to create EU equivalent rules and regulations. GDPR is an example of this and must be complied with if businesses want to trade with the EU. The GDPR regulations are more favourable to consumers than businesses.
As personal information becomes more regularly shared and businesses now hold huge volumes of customer data, there is a need for management and control over what businesses can do with that information.
GDPR gives regulators the ability to apply large fines for non-compliance. As such, businesses need to take these new regulations seriously and will need to implement changes to the way they operate, depending on the type of personal data that they hold. This will include customer records, databases, CRM systems, etc. They will also need to ensure that they have appropriate policies and procedures in place with regard to any personal data that they hold or process.
It’s also worth reviewing supplier contracts to ensure that these contracts are GDPR compliant. Finally, your recruitment and HR policies and procedures should be reviewed to ensure that personal data is managed in a way that is compliant with GDPR.
The ICO have a 12 step guide as a starter - download and read it here.