Is your company ready for the General Data Protection Regulation (GDPR) ?

The GDPR has been described as the most important change to data privacy regulations in 20 years, altering the landscape for businesses across Europe.  And while the UK is officially headed for an exit from the European Union, the GDPR will still have an enormous effect on British businesses as UK organisations will still need to comply.

The regulation brings in some significant changes, including much tougher penalties however much of it will seem familiar as it’s a development rather than a complete overhaul.  The biggest difference is that it moves away from the previous ‘principles-based’ system to a prescriptive one, that places a higher burden on Companies to comply.

Organisations that are not fully compliant can face fines of up to 4% of worldwide group turnover – combine this with the damaged reputation that a data breach can cause and this would be an almighty blow for business.

The GDPR says you have to actually embed compliance into your organisation, and you have to be able to demonstrate the steps you are taking to achieve compliance – so it’s not enough that you are complying, you have to be able to demonstrate the measures you’ve put in place to get there.

Take a look at the ICO website for more information on how these new regulations will affect your business https://ico.org.uk/for-organisations/data-protection-reform/overview-of-the-gdpr/accountability-and-governance/