Talking to small and medium-sized businesses, it would be fair to say that the attitude towards GDPR compliance is a little sleepy. Some might even say sloth-like. The fact is, the General Data Protection Regulation (GDPR) will be enforced from the 25th of May 2018, requiring all organisations that handle EU residents’ data to abide by new rules and regulations. That includes England, Scotland, Wales and Northern Ireland.
If your organisation is one of the millions that handle data and need to comply with the GDPR, then you may be feeling a little out of your depth.
To help you understand what GDPR requires you to do, Adlantic has put together a checklist (and some other useful resources) to help ensure your business is compliant with new regulations.
1. Adlantic GDPR checklist for data breaches
Your business will need to manage, administer and protect personal data whether you work in B2B or B2C marketing. To help you prepare we have developed GDPR checklists based on the latest information available from the ICO.
Given that the compliance risk keeping most privacy experts up at night is the preparation for and handling of personal data breaches, we’ve made it our top priority.
While this checklist is as up-to-date as possible, guidance may change right up to May 2018.
2. GDPR Uncovered event – 1st May 2018
Everything you wanted to ask about GDPR but were too afraid to ask. After our one-day training event, you will emerge with a much better understanding of how to achieve the lawful, profitable and ethical use of personal data, in line with GDPR.
Our trainer is a fully qualified CIPP/E Data Protection expert, Hayley Jaffrey (CIPP-E CQP MCQI). During the one day event she will explain how GDPR will impact your business. Hayley will provide expert practical guidance on how GDPR impacts your business, and more specifically your marketing activities and use of personal data.
3. Getting ready for the new UK data protection law – 7 steps
1 – Know the law is changing.
2 – Make sure you have a record of the personal data you hold and why.
3 – Identify why you have personal data and how you use it.
4 – Have a plan in case people ask about their rights regarding the personal information you hold about them.
5 – Ask yourself: before I collect their data, do I clearly tell people why I need it and how I will use it?
6 – Check your security. This can include locking filing cabinets and password protecting any of your devices and cloud storage that hold your staff or customers’ personal data.
7 – Develop a process to make sure you know what to do if you breach data protection rules.
Watch the ICO video here.
4. IT governance video: ‘What does GDPR mean for your business in the UK?’
Alan Calder, the founder and executive chairman of IT Governance, answers the important questions surrounding the GDPR and how it affects businesses in the UK. He covers topics such as Brexit, reporting data breaches, proving your compliance and working out where to start.
Watch it here.
5. ICO: Resources and Support
The Information Commissioner’s Office (ICO) has created a package of tools and resources to help your organisation get ready for the new laws. You will be able to find a variety of self-assessments, training videos, stickers and postcards to help you improve and promote information rights practices in your organisation.
These checklists will help you to assess your compliance with data protection law and find out what you need to do to make sure you are keeping people’s personal data secure. See the resources and guides from the ICO here.