This May will see a change in the rules governing the management of the personal data of EU citizens. Is your business ready for the changes to the way personal data is handled?
What is GDPR?
The General Data Protection Regulation (GDPR) is an EU regulation that will come into force on 25 May 2018. It centres around personal data protection for EU citizens, and aims to unify data privacy laws across Europe.
Many businesses and organisations that hold data will be affected. Non-compliance with GDPR can mean significant fines for those in breach, so for those that have not already done so, it is time to start preparing.
How do I know if I’m affected?
According to EUGDPR.org, the new regulation “applies to organisations located within the EU but it will also apply to organisations located outside of the EU if they offer goods or services to, or monitor the behaviour of, EU data subjects”.
Any companies which process and hold personal data of EU subjects, no matter where the business is based, fall under the remit of GDPR. So yes, you are most likely affected.
What measures must you take to comply?
The main points of GDPR for businesses to comply with include:
- Request for consent and purpose of data collected must be intelligible – for sensitive personal data, users will have to “opt in” rather than “opt out”
- Individuals must have the right to access their data
- Individuals must have the right to withdraw consent and prevent further dissemination of data
- Those concerned must be notified if there is a security breach
What measures are we taking to comply with GDPR?
We are currently updating all our customer websites to be GDPR compliant.
For more information, please visit the Information Commissioner's Office website.
If you have any further questions then please leave a comment below.