GDPR – just another load of letters or does it affect you?
You may have heard somewhere that the European data protection laws are changing next year on the 25th May and you may have yawned and thought, that’s really nothing to do with me.
For owners and managers of SMEs, think again!
A recent report from the Federation of Small Businesses (FSB) claims that SMEs are now more likely to be targeted by cybercriminals than their large corporate counterparts and cybercriminals consider SMEs softer targets!
The General Data Protection Regulation (GDPR) is considered a necessity for the protection of data in a modern internet based society.
It is also a chance for you to take a fresh look at your own data security as data breaches may impact on your business reputation.
So what does GDPR mean for you?
Your business must keep a record of how and when an individual gives consent to store and use their personal data. This means actually agreeing positively – it’s not enough to infer this agreement from a pre-ticked box. Individuals have the right to withdraw consent and then details must be permanently erased.
This means your business should review the existing data held and delete any for which there is not a valid reason to hold it.
The GDPR sets out the legal bases for processing personal data such as needing it to perform a business contract. Your business should therefore review what data it holds, whether it has consent to hold it and whether it needs to keep it.
Data should be kept securely and this will require you to review current practices to prevent data breaches.
Personal data can be a key tool for your SME if you are looking to target and retain customers – GDPR means this data must be handled with the utmost care.
You should consider planning for the GDPR now and consider an information audit and perhaps even a change in culture.
Can we help?
We have produced a checklist of actions you should undertake before 25 May 2018 to ensure you have a policy for compliance, to ensure you have the correct permissions and that data is stored as securely as possible. For a copy of this checklist please contact us.