GDPR Is Here
The General Data Protection Regulation (GDPR) came into force on Friday 25th May and despite Brexit, UK businesses will need to comply.
In order to maintain business links with EU countries, the UK will need to create EU equivalent rules and regulations. GDPR is an example of this and must be complied with if businesses want to trade with the EU. The GDPR regulations are more favourable to consumers than businesses.
As personal information becomes more regularly shared and businesses now hold huge volumes of customer data, there is a need for management and control over what businesses can do with that information.
GDPR gives regulators the ability to apply large fines of up to 20m Euro or 4% of global annual turnover – whichever is higher, for non-compliance. As such, businesses need to take these new regulations seriously and will need to implement changes to the way they operate, depending on the type of personal data that they hold. This will include customer records, databases, CRM systems, etc.
In addition, firms will need to ensure that they have appropriate policies and procedures in place with regard to any personal data that they hold or process.
It’s also worth reviewing supplier contracts to ensure that these contracts are GDPR compliant. Finally, your recruitment and HR policies and procedures should be reviewed to ensure that personal data is managed in a way that is compliant with GDPR.
Now that GDPR is here, businesses need to make sure they have a plan in place to continue to monitor how they use and process data to ensure constant compliance.
For further information on GDPR, please contact Richard Bacon on 023 8046 1255.