How to prepare for GDPR (General Data Protection Regulation)
What is GDPR?
The way in which businesses process data is changing. The General Data Protection Regulation is being introduced to replace the current 1998 Data Protection Act. GDPR will govern how businesses use, handle and protect personal data.
From 25th May 2018, businesses will be required to keep a record of all of the personal data that they hold, prove that they have the correct consent to be using the data, show how the data is being used and what controls are being put in place to protect the data.
So, how do I prepare?
Organise an information audit Begin documenting what personal data you store. Identify where it came from, the reasons why you store it and think about if you really need to continue to store this information.
Make sure that your employees have the knowledge that they need
It’s very important that you make sure your employees have the correct knowledge about GDPR. As an employer, you have to make sure that your employees understand when, how and why GDPR is coming into force and the impact it will create for businesses. It’s also very important that your employees have the correct knowledge of the new data protection laws so that in the unfortunate event of a data breach they are aware of how to resolve the situation positively.
As part of the new law you will now need to record and manage consent for the data you hold. Now is a good time to review or put in place any changes to comply with the new GDPR.
GDPR will come into force on 25th May 2018. You can find out more information about the upcoming changes by visiting the below links or visiting one of the many training / information events being held in the upcoming months.
Overview of the GDPR
Getting Ready for the GDPR
GDPR Events / Training