Still confused about the #GDPR regulations that come into place, in less than 5 months? Our blog series on the topic aims to dispel some of the myths around your responsibilities!
GDPR stands for General Data Protection regulations, which is being put into place on 25th of May 2018.
The GDPR is put in place to outline what companies can and can’t do with regards to processing personal data. Every organisation will have to comply with the new law, but not every business will need to appoint a Data Protection Officer.
Companies that deal with businesses within the EU (this includes the UK regardless of Brexit), must comply with the GDPR.
Even with the UK’s decision to leave the EU, the government has confirmed that it will not affect the commencement of the GDPR.
Four simple steps to planning your GDPR process;
- Breach response;
Detect and respond to the threat before a breach occurs but if a breach does occur, you need to know the details and the impact of the breach
- Risk assessment;
Establish a risk assessment process to ensure controls are appropriately designed and implemented
- Compliance management;
Establish a compliance program to ensure controls are effective and operational
- Data governance;
Know where the data is in the enterprise and who has access. Implement controls in data processing activities
The majority of organisations who handle data, be it email marketing, connections on your social networks, or a client database, will need to comply with GDPR.
With less than 5 months to go before the law takes effect, firms need to ensure you start the process of cleansing as soon as possible to avoid any penalties.
If you would like help with GDPR compliancy or any element of your marketing, please contact our expert team via the website or call 01246 586330.