We’re on the home stretch. GDPR is mere months away now, and every day matters. It’s only by wrapping your head around the key principles that you’ll appease the authorities enforcing GDPR. Before May, you’ll need to know them like the back of your hand.
As we enter the final countdown to that all-important date, let us answer the key questions surrounding the General Data Protection Regulation to summarise our four-part GDPR blog series.
Does GDPR apply to me? If so, when do I need to be ready?
If your business holds any personal information on a living EU citizen, then GDPR applies – it’s as simple as that.
25th May 2018 is when GDPR officially comes into effect, but you’ll need to practise compliance-friendly processes beforehand to ensure a smooth, seamless transition.
What does my business need to do?
You will need to gain (and then maintain) a firm grasp of all the data your organisation holds as soon as possible, processing it according to the consent of the person to whom it belongs.
In other words, you must determine what personal information you own, and understand exactly what you’re allowed to do with it.
What do I need to do to show my business is compliant?
Compliance involves erasing any information you don’t intend to use or do not need (data minimisation) and educating staff from top to bottom on the fundamental principles of GDPR (senior employees should have a deep knowledge of the regulation).
Conducting pseudonymisation (processing personal data so an individual can no longer be identified from it) also helps to demonstrate compliance, as does creating a “culture of accountability” in the business, i.e. embracing GDPR rather than resisting it.
What does GDPR mean for data breaches?
Data breaches are bad news at the best of times, but they’ve become even more serious with the introduction of GDPR. The regulation holds personal information in the highest regard, and businesses must now treat this data as high value.
If any of this information goes missing, you’re more liable than ever before. That’s why it’s imperative to encrypt data, enforce strong cybersecurity solutions, and train staff to handle data correctly. Otherwise, you could face penalties.
What are the penalties for non-compliance?
Failure to conform to GDPR means fines, and not just slap-on-the-wrist style penalties, either.
Devastating financial punishments face any business regarded as non-compliant: potentially 4% of your annual turnover or up to 20 million Euros (whichever is greater).
Our Essential Introduction to General Data Protection Regulation ebook outlines everything you need to know about the forthcoming (and enormously significant) EU-led directive, providing context, advice and guidance on GDPR compliance.
Worried about GDPR? Get in touch with Linten Technologies today. We can help your business conduct a thorough assessment of your data, to determine whether you’re ready for May 2018. Contact our team for an initial chat to learn more.