Businesses are preparing for the General Data Protection Regulation (GDPR), which come into force from 25 May 2018.
All businesses holding personal data will need to ensure their procedures are fit for purpose and compliant when the new rules take effect next year.
Those businesses found non-compliant may face fines of up to €20 million – or 4% of annual global turnover.
What steps should you and your business take now to prepare for GDPR?
The Information Commissioner’s Office and the BCC are urging businesses to prepare for the GDPR changes. They are recommending that businesses take the following steps and review their current procedures where appropriate:
Holding information – organise the personal data your business holds, where it’s sourced from and who it is shared with
Privacy – review privacy notices and plan for further changes
Consent – review how you seek, record and manage consent and whether you need to make any changes
Data breaches – make sure the right procedures are in place to detect and report data breaches
Data protection officer – designate a Data Protection Officer to take responsibility for data protection compliance.
If you would like to discuss the impact that GDPR may have on you or your business please contact us on 020 7330 0000.