Are you GDPR ready?

Not sure what it is or what it means to you? Then read on…

GDPR, or the General Data Protection Regulation, comes into force on 25 May 2018 and replaces the current Data Protection Act. Regulated by the ICO, the UK’s independent body set up to uphold information rights, the new law gives people more control over how their data is used, shared and stored. It requires organisations to be more accountable and transparent about how they use data. This change could have an impact on your business, and complying with it is a legal obligation.

As far as we can see, it isn’t quite as simple as being able to provide you with a list of what you can and can’t do, as these will vary from business to business. However, as a starting point the ICO advise you to consider the following:

  1. Know that the law is changing
  2. Make sure you have a record of the personal data you hold and why
  3. Identify why you have personal data and how you use it
  4. Have a plan in case people ask about their rights regarding the personal information you hold about them
  5. Ensure that you clearly tell people why you want their data and how you intend to use it before collecting it from them
  6. Ensure that this data is held securely
  7. Develop a process to make sure you know what to do if you breach data security rules

Additionally, there are key principles which all businesses should adhere to:

  • Data should be processed lawfully, fairly and in a transparent manner
  • Data should be collected for specified, explicit and legitimate purposes and should not be further processed in a manner which does not meet these stated purposes
  • Data collected should be adequate, relevant and limited to what is necessary for its intended purpose
  • Data should be accurate and up to date. Every reasonable effort should be taken to amend or erase data which is no longer correct or contemporary
  • Data should not be kept any longer than is necessary to fulfil its stated use
  • Data should be processed in a secure manner including protection against unauthorised or unlawful processing

As each business is different, we strongly suggest that you visit the ICO’s website for more information and to see how this change in legislation will impact your business: www.ico.org.uk

Kind regards,

Neil Combe

Crieff Succeeds BID Ltd.

T: 07412 84798