GDPR – the cost of getting it wrong

In the UK, the Data Protection Act 1998 sets out how organisations must handle data and that includes a number of ways in which a company can be penalised.

The new legislation, the General Data Protection Regulation (GDPR) that comes into effect on the 25th of May introduces tougher penalties.

Let’s look at some of the fines issued this year under the DPA and the change to enforcement penalties under the new GDPR. Read more

Data breaches – a rising tide of scandals

Data scandals seem to be coming thick and fast these days. Every week it feels like a different company is hacked or wrapped up in some form of scandal involving the personal information of their customers. Let’s look at how and why it might be happening. Read more

GDPR checklist – wake up and start preparing

Talking to small and medium sized businesses it would be fair to say that the attitude towards GDPR compliance is a little sleepy. Some might even say sloth like. The fact is, the General Data Protection Regulation (GDPR) will be enforced from the 25th of May 2018, requiring all organisations that handle EU residents’ data to abide by new rules and regulations. That includes England, Scotland, Wales and Northern Ireland. Read more

Hiring a GDPR consultant? Read this first.

  • You’ve read 12 steps to take now from the ICO in preparation for the GDPR. ✔
  • You’ve read our Start Preparing For GDPR Today blog. ✔
  • You’re aware that the law is changing, and GDPR will apply from May 25th 2018. ✔
  • You acknowledge it will have an impact on how you manage the information you have on customers, marketing recipients, suppliers and employees. ✔

It sounds like you’re on the right track when it comes to GDPR. Now, it’s time to move on to step 2 – documenting the information you hold, where it came from and who it’s shared with. Hang on a second. This audit is much bigger than you first thought.

Do you have customer data sitting in different websites, billing systems, customer relationship management and email management systems?

Does your business hold sensitive information kept on paper in files such as health information (e.g. think children’s nurseries, nursing homes for the elderly)?

An audit of all the information you have in your business is required but you don’t have the time or skills to organise it yourself. You’re on step 2 out of 12 and you’re facing up to the fact you need help from a GDPR expert to get it all done.

If the above scenario sounds familiar, you are not alone. Although many of the principles in GDPR are similar to the current Data Protection Act (DPA) there are now extra requirements. GDPR puts an emphasis on accountability and that means documenting the data you have, how you share it and how you protect an individual’s privacy.

Who who can help with GDPR?

If you are seeking a qualified expert to help prioritise data and complete the vital steps towards compliance with GDPR read our three tips on choosing your GDPR consultant.

 1. Do they have a legal or data protection background?

A person with a legal background or first hand experience of data production legislation including the current Data Protection Act 1998 is a must.

 2. Are they providing software or GDPR expertise?

An understanding of data protection has to come first. It is possible for some organisations to achieve compliance working with existing systems. You want someone to interpret how the legislation applies to the complexities of your business and who can then provide a clear  road map to compliance.

 3. Do they have GDPR crisis management experience?

Can this person advise and represent your business should you suffer a data breach? A consultant that has worked with you to achieve compliance will have the information and knowledge to help you manage any scenario being investigated by the Information Commissioner’s office.

Useful GDPR links for business:

  1. Preparing for the General Data Protection Regulation (GDPR) from the Information Comissioner’s Office (ICO)
  2. The ICO’s Guide to the General Data Protection Regulation (GDPR)
  3. Federation of Small Businesses video on GDPR by Elizabeth Denham
  4. Small organisations advice section on the ICO website

Start preparing for GDPR

Stressing out about the looming GDPR deadline of 25th of May? Relax! Be happy – Adlantic is here to placate the dread being felt by many small businesses right now. Read more