General Data Protection Regulation (GDPR) – The Good, The Bad and The Ugly
Okay, let’s start with the bad news. The General Data Protection Regulation (GDPR) will come into force in the UK from the 25th May 2018 and recent surveys (by Netskope and Dell) have found that very few people know anything about it. The Dell GDPR Survey (of IT and business professionals for whom data privacy is a significant part of their job responsibilities) found that more than 80% of respondents stated they know little or nothing about the GDPR.
These findings show that many organisations have an enormous task ahead to raise awareness of the GDPR, and to demonstrate fair and safe processing of personal data. This means it is very possible your organisation does not have a plan in place to achieve compliance.
Let’s not beat around the bush - the fines are massive. Depending on the nature, gravity and duration of your infringement, maximum fines for non-compliance will be €20 million or 4% of your annual global turnover. This is a dramatic increase from the current regime under the UK’s Data Protection Act. Minor breaches, similarly, will be subject to fines of 2% of global turnover from the previous year or €10 million, whichever is greater.
This is where things could get ugly. Regardless of whether the UK is in or out of the European Union, the government has confirmed that UK companies will be subject to the GDPR. Being fined will risk reputational damage, loss of customer trust, ceasing of operations and lost revenue, and at worst will threaten the survival of the business.
GDPR is obviously good news for customers and consumers, who will feel safer sharing and entrusting personal data with third parties. There is other good news, great news in fact – if you start looking at what you need to do now, there is still time to ensure your organisation is compliant in time to meet the deadline.
In-Form Consult can help you assess what you need to do, and more importantly implement the changes needed to achieve compliance. We can work with you to assess your current practices for information governance, security and personal data processing, and how you will be impacted by the new legislation. We can deliver a detailed assessment of your readiness to meet GDPR and specialist support to implement the building blocks of effective data protection – from information governance and security to information architecture and technology to employee education and training.
GDPR will be the biggest change in data protection law for 20 years. Seeking help now will stop things getting ugly.
Contact us today by calling 08456 80 40 47 or email: firstname.lastname@example.org