What is GDPR? If you deal with customers and hold any information on them, General Data Protection Regulation changes this will impact on your business and you need to be up to date on what you need to do. Our trainer, Andy, outlines below some details about the forthcoming changes.
On 25th May 2018 new data protection legislation is introduced in the UK which is a significant upgrade in the requirements of the current Data Protection Act 1998. The principles of keeping data private and secure remains at its heart but GDPR introduces legislation to comply with our ever dependant digital and data world
- GDPR requires ALL businesses to evidence and prove their compliance with data protection; it’s no longer acceptable just to do the right thing. This means you need policies and records in relation to all data and any processing by you or 3rd parties
- The scope of GDPR has widened so you need to know from your suppliers how they use any of your or your clients data and have contracts in place to agree accountability for the data e.g outsourcing of IT or payroll is using your data
- Personal data now includes new areas such as IP addresses, biometrics, genetics, photographic images and anything that can identify a person. As a result, you are now probably capturing and in control of data that falls under the new legislation. E.g CCTV?
- Any data you hold must be for legitimate reasons or you must have the express agreement of the person providing it. Generic Terms and Conditions on data protection or opt out clauses may no longer protect you. For example, are you sending newsletters or info to your clients/contacts……you need their permission!
- Your website / external privacy notices need to explicitly explain data subject rights and what you do with and who you share the personal data you capture.
- A data subject rights have escalated so businesses now need to meet a whole host of new potential requests within 30 days and for free!
- If you hold any personal data for children (under 16s) then you now need parental permission and to use terminology that they will understand
- Data needs to be secure with encryption or psuedonomysation for data at rest and in transit. Your IT support will or should know what this means!
- If you are subject to a breach and let’s face it, with cyber-crime escalating it is very likely to occur, you must report your breach to the regulators within 72 hours
- Failure to comply with GDPR will be costly not only in the fines that could be levied but also to your reputation, so don’t get caught and ensure you and your staff are trained and ready
We are running a series of 3 hour workshops with Andy Styles, to help you be fully prepared and confident to face all the upcoming changes taking place. These are being held on the following dates and are priced at £149 per person + VAT. This includes all training, materials and handouts, and certificates, together with refreshments at the lovely Handpicked surroundings:
20th September at Chilston Park Hotel, Lenham (between Maidstone and Ashford)
25th September at Brandshatch Place and Spa Hotel, Longfield (Nr Dartford)
2nd October at Chilston Park Hotel
19th October at Brandshatch Place
To book, please call 01892 832059 or email email@example.com