Wait, it’s April next week? Where does the time go?
Many businesses may well be thinking this as we head off for our Bank Holiday weekend. The deadline to comply with the General Data Protection Regulation (GDPR) is creeping up so fast – are you ready?
The GDPR should be the first thing on your to-do list, if it’s not been ticked off already. Now’s the time to get your company prepared.
Earlier today we held our ‘GDPR: two months to go’ webinar with a host of special guests.
UKFast Enterprise MD Jonathan Bowers was joined by several leading IT professionals, all ready to give their vital insights into the world of GDPR.
The panel was inundated with questions from business leaders and IT professionals wanting to get everything in place for 25th May – that’s GDPR Day to you and me.
Take a look at the webinar highlights to get your top GDPR tips and find out exactly where you should be at this key stage.
1 Ask yourself this important question
Do you have lawful grounds to be holding people’s personal data?
Many companies are holding personal data ‘just in case’, but is this really necessary? In many cases, the answer is no.
Think about your users and how they see the privacy of their own personal information – step into their shoes to understand GDPR from their point of view before you squirrel their data away.
Lawful grounds for keeping data include:
2 Make your senior leadership team aware
Everyone in your business needs to know the ins and outs of GDPR: it encompasses everything you do as an organisation.
Ensure your top team are aware of the implications of not being compliant in time for the deadline, advising them of the pitfalls they might face:
For example, verbal consent to data sharing is not binding; if you take someone’s business card at a conference, this doesn’t necessarily mean you have the right to use this information. Always get written consent from them and keep an audit trail.
3 Assess the risks to you and your organisation
What do you have to lose if you are not GDPR compliant by 25th May? Do you want the honest answer?
Reputation, trust and money are all crucial to your survival as a business. Different sectors face different risks and it’s time to pinpoint which area you need to focus on. How can you mitigate this risk?
4 Consent is key
Get clued up on exactly what to include in your consent forms.
These should be sent out to your clients, telling them exactly what their data will be used for and assuring them it’s being securely stored. Data controllers must report breaches within 72 hours, so you must be clued up on exactly what to include in your data consent form.
If you are hosting through another company, it would be a good idea to name this host in your data consent form so that clients are aware of this and can see that a third party has access to their info.
5 Don’t panic!
There are still two months to go – the most important thing is to make sure you have everything in place, ticking all the boxes, without missing any of the small print.
So grab a cup of tea and get your GDPR ducks in a row.