GDPR: How will it affect you?

How will GDPR affect you?

The current Data Protection Act (DPA) is going to be replaced on the 25^th May 2018 with the General Data Protection Regulation (GDPR) – meaning the way you manage information and data within your business will need to change.

What is it the Data Protection Act (DPA)?

In 1998 the DPA law was passed, impacting the way information about people/businesses can legally be used and handled.  The reasoning behind it was simply to protect individuals against misuse or abuse of information about them, preventing businesses from selling or passing on your information.  It was basically introduced to stop your information from ending up in the wrong hands, however this will be superseded by the new legislation.

What is it the General Data Protection Regulation (GDPR)?

The GDPR is a new data protection regulation which will strengthen the security and safety of all data held within an organisation. The GDPR will introduce tougher fines to non-compliance or breaches, giving people more control over what businesses do with their data.

Why introduce the GDPR?

The main objective of the GDPR is to protect personal data, enforcing stronger data security and privacy rules among organisations.  The internet has changed the way we communicate on a daily basis, we send emails, purchase goods online, pay bills and share documents, sometimes without even thinking about how our information is used online.  The current legislation was introduced before the internet created ways of exploiting data and the GDPR is looking to address that issue.  Data is stored digitally when you are checking your banking information, social media posts and even your IP address, so by strengthening data protection legislation, we should improve trust in the digital economy.

Preparing for GDPR

• Educate yourself – GDPR is being put in place to make businesses accountable for breaches and loss of data, so security features need to be put in place and understanding how hackers operate, is essential.
• Awareness – Make sure everyone within the business is aware of the new rules surrounding data regulation and how this will affect the business.
• Privacy Policy – Review the current privacy policy as its likely some changes will be needed and put a plan in place for the changes.
• Evaluation – Evaluate how your business currently handles data and what security is in place to protect it. Consider how the data is collected about your customers and clients and where it is stored.

The main purpose of the GDPR policy is to keep companies better protected against breaches in security. Having the right strategy and system in place will ensure your business is prepared and secure for many years to come.