Prepare for Compliance with the EU GDPR with GDPRPLAN.COM
On the 25th May 2018, the EU GDPR (General Data Protection Regulation) replaced the 1998 UK Data Protection Act, as well as every localised interpretation of Directive 95/46/EC.
The UK Government confirmed that the UK’s decision to leave the EU will not affect the commencement of the GDPR, even during the process of withdrawal from the EU (it will run alongside the UK Data Protection Act 2018).
What You Need to Know
The EU GDPR:
- Is now enforceable, whether you are ready or not.
- Is designed to protect various types of personal data going in and out of the EU, and affects ALL EU Citizens – whether they live within the EU or outside.
- APPLIES TO ALL EU MEMBER STATES INCLUDING THE UK – REGARDLESS OF BREXIT!*
- IS NOT AN ISSUE THAT YOU JUST HAND OVER TO YOUR I.T. OR LEGAL DEPARTMENT TO DEAL WITH – IT AFFECTS YOUR ENTIRE ORGANISATION!
Companies who either Collect, Process or Transfer personal data of EU Citizens must*:
- Implement appropriate technical and organisational measures that ensure and demonstrate that compliance (which may include policies around areas such as staff training, internal audits of processing activities, and reviews of HR policies).
- Maintain relevant documentation on processing activities.
- Where appropriate, appoint a Data Protection Officer (DPO).
- Implement measures that meet the principles around the Confidentiality, Integrity, and Availability of personal information.
- Use Data Protection Impact Assessments (DPIA’s) where appropriate.
With quoted fines of up to €20m or 4% of global annual turnover (whichever is the greater), “doing nothing” is not an option!
Even if you do not receive a fine, the reputational damage to your business (as a result of the negative publicity) could potentially lead to:
- Loss of customers and revenues
- Drop in share-price and business valuation – leading to shareholder unrest
- Class action lawsuits (by any affected individual)
Work With Qualified Professionals at GDPRPLAN.com
Our qualified team are here to help you on your journey towards compliance with the EU GDPR. We have achieved the following globally recognised Data Protection, Project Management and Information Security designations (as a minimum) and are members of IAPP as well as the British Computer Society (BCS):