Blog // 24/10/2017

GDPR Tactics – We’re all in this together

Understanding GDPR - read our #BrighterThinking tactics

At up to 4% of annual turnover, the penalties for not complying with the GDPR are significant. But as the clock ticks down to the 25th May 2018 deadline, ensuring that your business is compliant is no simple matter.

The GDPR is the biggest change to data protection in a generation…so how’s your plan for change in your business going?


What does GDPR mean for you and your business?

In short, A LOT. The new legislation is aimed at bolstering the already strong data protection rules by giving consumers (you and us) greater control over how our personal data is stored and used. The legislation is complicated and far-reaching, meaning that simply ignoring it is not an option.

Don’t just take our word for it: listen to the Information Commissioner, Elizabeth Denham, on the importance of the GDPR.

What if I or my business is not compliant by 25th May 2018?

Early indications suggest that any business or individual caught breaking the rules will be liable for sizeable fines.

For example, a small infringement could see a business fined up to 10 million Euros or 2% of global annual turnover. For more serious breaches, however, the fine could rise to 20 million Euros or 4% of global annual turnover.

Take it seriously. The legislation should not be ignored and the penalties for not being compliant are severe. It applies to ALL businesses of ALL sizes in ALL sectors.

Understanding the GDPR well enough to apply the right course of action for your business's compliance requires a significant investment of time; but where to start?


Some BrighterThinking tactics

Create a project team and allocate roles, responsibilities and deadlines.

Bring together all those stakeholders who have access to, control or use your customer data into a single working group. This includes your marketing team, head of operations, customer services and even your HR team; yes, GDPR even impacts how you communicate with your staff!

Communication and project leadership are key here, so ensure you have a project leader who can oversee all areas of the compliance project, scheduling regular updates and action planning.

Assess all business systems and processes.

Whether you’re a B2B or a B2C business, you’ll be collecting, storing and using consumer data. This may include names, addresses, telephone numbers, email addresses and more personal data, e.g. payment details and dates of birth. Assess each of your systems for how you are going to record, manage and store evidence of opt-in, and understand what changes you may need to make.

Education. Education. Education.

Even though the legislation is coming, the implications and best-practice application to businesses of all shapes and sizes are still being determined. Therefore, it is CRITICAL that you (and your working group) not only understand the GDPR, but also stay up to date with the latest developments.

Don’t forget your staff!

As well as considering your staff's data privacy, it is really important that those who manage your business data know WHAT GDPR IS, the IMPACT it will have upon their roles moving forward, HOW they can ensure they follow the rules and WHAT to do in the event that the data is compromised.

Read a summary of Menzies' own GDPR tactics.


Some useful data protection resources

To get you started, here are some great resources to help you understand and spread the word about the GDPR.

GDPR & your business sector

View the ICO’s resources to help you comply with your responsibilities to information rights:

 

January 2018 Update: The Information Commissioner’s Office has now published a set of frequently asked questions about the General Data Protection Regulation (GDPR) specifically with regard to charities.

Toolkits

Need to get a benchmark of your data and GDPR compliance? These self-assessments will give you a great foundation to understanding where your focus should be:

For more information on the impact of GDPR on your business data, contact a Menzies team member for professional advice.
