Call us on
0370 1500 100
All businesses that use personal data had until 25 May 2018 to comply with the new General Data Protection Regulation (GDPR) legislation. Non-compliance can lead to potential fines of up to €20 million or 4% of annual worldwide turnover, whichever is bigger.
The GDPR requires businesses to carry out a root and branch review of how they collect and use personal data. Doing nothing is not an option and the sooner you start the better.
Are you ahead of your competitors or lagging behind? We surveyed business leaders around the country to learn what they knew about GDPR and what preparations they were making.
Not only can the Data Protection experts at Irwin Mitchell help your business meet the compulsory 2018 GDPR deadline and avoid fines, but can also help you reap the rewards of compliance. The three key rewards of getting your personal data compliant are:
Knowing what challenges and hurdles you face is essential for achieving compliance. You need to understand where your compliance currently stands and how big a hurdle you face.
Some of the main changes businesses must prepare for before May 2018, are:
Individuals can require you erase their personal data from your systems. Whilst you need to have a process to action this, the right is not as wide ranging as you might think. You need to understand its scope, what your obligations are and how you need to reply to requests.
Individuals already have a right to access their data you hold. This right will be extended. Additional information will need to be provided and generally in a shorter timescale. You also won’t be able to charge a fee.
Data breaches which impact on privacy will have to be notified to the ICO and individuals affected within 72 hours of it happening. Breaches can range from a customer database being hacked to putting a letter in the wrong envelope. You will need to monitor your systems to know whether or not there has been a breach.
You need to be open with individuals about what data you are collecting and what you are doing with it. Fair processing notices and privacy policies need to be updated.
Not all use of personal data needs consent. If you do rely on consent then your consents need to be looked at. Consent will be harder to obtain and maintain under GDPR.
We understand that achieving GDPR compliance may seem overwhelming. Every business is unique and so a one size fits all approach won’t work. We have specialist lawyers who are already advising businesses on how to become compliant. We will work with you to understand what your business needs are and agree a pathway to compliance.
In view of the potential fines you need a true specialist to help you navigate through to compliance. General advice in this area will not be enough. GDPR compliance should be treated like a marathon, not a sprint, and compliance requires long term planning and preparation.
Don’t leave compliance to the last minute. Get in touch with one of our Data Protection experts today. We’ll be with you every step of the way.
Find out more about GDPR
Request a call back
Enter your details below and we'll call you back, at a time of your choice.
This data will only be used by Irwin Mitchell for processing your query and for no other purpose.