GDPR: what is required?

Sometimes you can take a quick look at something and you fill in the gaps with what you know it should say – especially with things that are particularly familiar.  The familiar can change and it could be so easy to miss it – Did you spot the deliberate error in the picture? Perhaps you don’t know that the top right picture is John Lennon – which is just scary from my perspective! (there was no Dave in the Beatles).

The UK Data Protection Act 1998 will be replaced just before its 20th birthday with a new Act based firmly on the General Data Protection Regulation.  It’s still all about protection of personal data, which could mean that you think that your current approach is fine but the changes are not particularly subtle and they will take time and effort to implement in an organisation.

Look closer

It’s time to take a closer look at what you do in your business, consider the impact that you have in handling a person’s data and change the way you do things to ensure that you are compliant with the new regulations.  The UK Information Commissioner has recommended you consider 12 steps:

  1. Become aware of what’s changing
  2. Document what information you hold
  3. Review how you communicate about privacy
  4. Check procedures support peoples rights
  5. Ensure prompt handling of access requests
  6. Identify your lawful basis for processing
  7. Refine how you seek, record and manage consent
  8. Establish processes to protect children
  9. Make sure you are prepared to report a data breach
  10. Familiarise yourself with Impact Assessments and implement them
  11. Consider your need for a Data Protection Officer
  12. Determine your International requirements

Gydeline is an online service which can help you identify what is required now and as your business changes – try it for a month and find out for yourself.

And when it comes to personal data, remember:

Possession isn’t nine-tenths of the law. It’s nine-tenths of the problem – John Lennon

How Gydeline helps

We, at Gydeline, help small and medium sized organisations save money and time by building systems, processes and policies that simplify their business and support their sustainability aims.  We do this with a range of services.

If you would like to discuss any aspects of dealing with this and other risks in your business we are always happy to offer some, free, no obligation assistance – just contact us.

Related Posts