So, the much talked about 25th May has been and gone and, guess what? Amazingly the world hasn’t ended just because GDPR is now in force!
You may have noticed some panic about GDPR amongst business owners in the last few weeks. However, as the Information Commissioner’s Office (ICO) has stated, you have one-year advisory period to ensure that you comply with what is the most significant shakeup in data privacy in 20 years so this state of panic is not necessary!
What is GDPR and why should you know about it if you’re a business owner?
As consumers do and store more online, the threat of data breaches and privacy lapses are ever present, but UK citizens’ privacy rights are not well protected.
The GDPR (General Data Protection Regulation) builds on the existing Data protection act 1998. The GDPR is aimed at giving consumers the right to know, limit, delete and correct information about themselves. The regulations will provide consumers with better access to the personal information collected about them and improve corporate accountability for data handling.
What benefits will I see in my business from ensuring GDPR compliance?
Firstly, you’re legally obliged to ensure your business is compliant with GDPR regardless of whether it would bring any benefits. However, there are huge benefits to companies that complete ‘data hygiene’ checks in preparation for the May deadline. Let’s look at a few:
You will have complete confidence that your customers have given informed consent for you to market to them and it will bring better engagement with customers, enabling you to be better able to direct more targeted marketing to them.
By ensuring your business is compliant you are securing your reputation. After all, major breaches have made global headlines!
Having a good reputation for handling and processing customer data compliantly, as well as being known for being ‘secure’, will bring new customers and boost customer loyalty among existing customers.
Where do I start with ensuring my business is compliant?
The GDPR is a chance to get your house in order and conduct ‘data hygiene’ practices to clean up your data collection and retention practices ahead.
If you haven’t already started (it’s OK, we won’t tell the ICO!), here’s a summary of the process that you should be undertaking in your business:
- Conduct Data Audit
- Reconsent Active Users
- Appoint a member of staff as DPO
- Assess Encryption
- Establish Retention Period
- Put Clean Policies and Procedures in Place
- Communicate internally and externally
For more information click to visit ICO website.