How many times have you heard the phrases ‘Don’t worry, there’s still time,’ ‘There’s always tomorrow,’ or ‘It’s never too late,’ and thought to yourself: they’re just saying that to make me feel better and stop me panicking?
Well, these phrases seem like they were made especially for this week! You’re probably thinking to yourself: what are you talking about? Well, allow me to explain. The countdown to becoming GDPR compliant has been underway for some time now, but this week it enters the final furlong with the metaphorical winning post in sight (this metaphorical winning post is May 25th, by the way). So, while you still have time on your side (it won’t be for much longer, and it will quickly turn into your enemy), NOW is the moment to take action.
As mentioned in a previous blog of ours (about the efforts some companies are making to become GDPR compliant, the costs involved, and the potential financial penalties), you now also need to be aware of the last-minute steps that your company will need to take in order to satisfy these new regulations.
It is essential to understand the basics. This means having a general grasp of why the new legislation is so important. Firstly, you need to sort the wheat from the chaff with regard to knowing which information is correct, and which is a load of old tosh. You don’t want to be following legislation that isn’t the correct one, and with all of the fake news that swirls around the internet nowadays, this is very plausible. When you have obtained the right legislation, and start to comply with it, you are well on your way to becoming GDPR compliant. Even if you aren’t, don’t overly worry about potential fines, as the new law is not there to take money from businesses; it’s there to put the customer first.
Go through a checklist to see how far away you are from becoming GDPR compliant. This looks at the most vital points in the new legislation, enabling you to identify where you are, or aren’t, compliant.
This will include:
- Doing an internal audit to determine what data you hold, how you use it, and where it ends up.
- Getting yourself and your staff accustomed to GDPR, while also making them aware of the rights it gives the individual.
- Making certain that your data security, handling, and processing arrangements are in writing, or set out as procedures.
- Be sure to carefully delete any unwanted or unused data.
- Make sure your computer system stores data safely and correctly.
- Have a policy in place for handling subject access requests for when someone asks to see their data that you hold.
- Have security prepared and in place, so that if there is any breach, you know how to deal with it.
- Make sure all policies with your customers and suppliers have been reviewed and amended.
- Review how you obtain your data; people must have the option to opt in or opt out.
- Have a system in place that can verify a person’s age (so that children cannot access unsuitable material).
- Lastly, if you have customers in other countries, make sure you comply with the regulations of the country in question, and keep a note of who to contact in that country handy.
If you are still totally flummoxed by GDPR, contact an industry expert (such as ourselves), who will be more than happy to go through the ins and outs with you.
Remember, the sand timer is near its end, so please act now to avoid potentially losing your business valuable contacts and custom.
If you are still unsure about the new GDPR regulations, or need further assistance, please contact Brighter Directions on 01246 586330 or info@brighterdirections.co.uk