The General Data Protection Regulation (GDPR)

The General Data Protection Regulation (GDPR)

The General Data Protection Regulation (GDPR)

WHAT IS GDPR?

The General Data Protection Regulation is a regulation in EU law on data protection and privacy for all individuals within the European Union. It addresses the export of personal data outside the EU.

WHAT IS IT FOR?

GDPR aims primarily to give control back to citizens and residents over their personal data and to simplify the regulatory environment for international business by unifying the regulation within the EU.

GDPR has been brought in to replace the 1995 Data Protection Directive.

WHERE IS THE BEST PLACE TO GET INFORMATION FROM?

The ICO (Information Commissioners Office), in our opinion, is an excellent place to find explanatory information and helpful guides. See more here.

They are the UK’s independent authority set up to uphold information rights in the public interest, promoting openness by public bodies and data privacy for individuals.

HOW DO I KNOW IF GDPR EFFECTS ME?

If you are a company that operates within the EU and you store any kind of personal data, you must comply. The regulation applies to all companies, irrespective of the nature and size of the business.

WHAT DO I NEED TO DO TO BECOME COMPLIANT?

Engage with a professional. It’s important to understand that not all law firms specialise in data protection so be sure to contact those that do.

Whilst it’s a cost all companies could do without, it will also be a weight off your mind knowing you have an expert to guide you through the process.

While you’re considering who to engage with, you should start thinking about the personal data your company holds and who has access to it. It is likely that you will need to carry out a company-wide data audit and you’ll need this information to hand.

To ensure everyone in your company complies, it’d be worth carrying out a training session so everyone is onboard. There are many sessions being held in and around Norwich so it’s worth signing up as soon as possible.

In addition to this, all data protection policies and practices should be updated (with help from a professional), before ensuring systems are put in place to govern them.

We recommend consulting with a lawyer for any legal advice pertaining to GDPR compliance ASAP.

GRIT will be taking the time to research and understand how we can help our clients over the coming months. Check back on our blog for further updates or contact the team