Happy new year! The turkey has been eaten, gifts exchanged, and you’ve watched the fireworks illuminate the sky to the annual rendition of Auld Lang Syne. As the bells ring, in comes 2018, and as we head back to the office there’s an important milestone approaching fast – the General Data Protection Regulation (GDPR).
What is GDPR and when does it come into effect?
2018 is a hugely significant year for data protection, and the new GDPR will have a massive effect on all companies operating across Europe. The biggest change to data protection law in the last 20 years (since the 1998 Data Protection Act) becomes legislation on the 25th May this year, and its impact is set to be significant.
From May, GDPR will apply to each and every company operating in the EU, and the basic premise is that businesses will now more than ever be held accountable and be required to be transparent about their data use practices. The power dynamic has shifted to the consumer with GDPR, where, amongst other privileges, they hold the “right to be forgotten” and the ability to formally request all personal data held against their name.
Further, companies will be required to only collect data for a specific, stated purposes and timeframes whilst using that data only for that purpose. Almost all data is eligible under the regulations, with the only real stipulation being the data must allow for personal identification of an individual. And it’s not just customer data – we’re talking CCTV footage, staff HR records, email correspondence and a whole minefield of other data types.
So why should I care about GDPR?
The reason why companies are rapidly sitting up and taking notice on GDPR is the far stricter sanctions for non-compliance. Serious data breaches or failure to demonstrate any level of data protection processes are eligible for fines of up to €20M or 4% of annual global turnover (whichever is higher), imposed by the Information Commissioners’ Office.
I’ve not acted yet! What can I do?
Luckily there’s still time to act on GDPR. Dynamic Edge offer a complete technical data audit to ensure your IT is technically robust against the new regulations. As we approach the big day, our team of experts are assisting more and more clients to get GDPR fit in 2018 from our offices in Aberdeen, Dundee, Inverness and London. The good news is we still have availability to assist! Interested? Give us a call or email to chat through your GDPR needs and make sure you’re not hitting the headlines for the wrong reasons come May!