When GDPR came into effect on Friday 25 May it toughened up and modernised the rules regarding the processing of personal data.
There are training sessions you can attend – see the Growth Hub events calendar at https://bit.ly/2Jp8yz4 to find out what awareness-raising events are taking place that could help your business become GDPR compliant.
We’re one week into GDPR now and it’s a racing certainty that many businesses are still confused and possibly worried.
One very helpful source of information is the Information Commissioner’s Office – https://ico.org.uk/. This covers all areas of the new regulations, explains under what circumstances you should inform the ICO if you have a breach, and also provides a simple self-assessment test for businesses wondering whether the rules apply to them: https://bit.ly/2pTq8iV
On the same page you can also find a list of FAQs for small businesses in a range of sectors including financial services, hospitality, education, health and charity, plus a small business advice line and live chat service.
So how can companies check they are complying with the law? Take a look at the package of tools on the Information Commissioner’s Office website specifically for small businesses: https://bit.ly/2zFuAZY.
Last but definitely not least: the penalties for not following the rules. Not only can non-compliance cause businesses reputational damage, but fines also get higher the more serious the breach of the rules. The maximum fine a company can face is 4% of its annual global turnover, or €20 million, whichever is higher. Less serious violations, such as having improper records, or failing to notify of any breaches, can be fined a maximum of 2% of annual global turnover, or €10 million.