How will GDPR affect your business?

How will GDPR affect your business?

Everyone seems to be talking about General Data Protection Regulation (GDPR) at the moment, almost to the point of information overload. For small businesses, it can be hard to cut through all the noise and find what they really need to know and where to get the right advice.

GDPR is the new EU data law, replacing the Data Protection Act on 25th May 2018 and it will apply to all companies that process any data in the EU (including the UK post Brexit)

Given the extent of the changes coming into force under the new regulation, and the increased penalties for non-compliance, preparing for GDPR is something that organisations of all sizes should be making a priority over the next 12 months.

To get businesses thinking about GDPR, we’ve teamed up with Sheffield business, Russell Richardson who have complied top 10 tips to help SME’s prepare for the regulation changes.

1. Take the advice that’s out there. With GDPR on the way, there is so much information readily available. The Information Commissioners Office (ICO) are the regulatory body and have plenty of guides and information on the website providing accurate and impartial advice.
2. Ask the experts for help. This is different to the above! GDPR covers such a broad spectrum that it’s unlikely one person or company will have the knowhow to deal with it all.  If you don’t have the technical knowhow when it comes to systems and protecting data, there will be someone out there who has. When it comes to physical data storage and destruction, speak to a company like Russell Richardson with expertise in this area. The cost of prevention is almost always less than the cost of the consequences.
3. Don’t think you’re organisation isn’t big enough to worry about data protection. Just because the media tend to focus on data breaches in large organisations, the ICO have made it clear that they will be regulating organisations of all sizes and data thieves often see SME’s as an easy hit.
4. Take some time to ask what data you process and hold, why you have this information, who is responsible for it and are they up to date on data protection training?
5. Think about end of life and secure disposal. We’re always hearing about password protection, encrypting data and keeping it safe while we’re using it. But what happens to the data when it’s time to get rid of that computer, laptop, mobile, USB?
6. Share the knowledge – unintentional errors by employees can cause the most serious breaches. Share what you find, encourage everyone to think about data protection and provide training.
7. Don’t forget the basics. It’s easy to miss the little things like throwing an odd invoice in an under desk waste paper basket slip.
8. The flip side of the above – think about the not so obvious places data is stored. Items such as photocopiers, scanners and printers can contain hard drives that should all be disposed of properly.
9. Be prepared. The earlier you start getting ready, the better. Taking steps now to implement good practice ensures that compliance is embedded in your organisation by May 2018.
10. Embrace the new regulation – it’s there to protect you and help keep data safe, not catch you out!

For further information on GDPR and how Russell Richardson can help your business contact Nicky Hellewell on  07450549001 / nicky@russellrichardson.co.uk   www.russellrichardson.co.uk/

Alternatively, if you’re all sorted where GDPR is concerned and recruitment is on your ‘to do’ list you can contact us on 01143211873 / hello@www.glurecruit.co.uk