The general data protection regulations or otherwise known as GDPR are a new set of laws that will come into force on May 25th 2018.
The law is an update on the traditional data protection act and is set to affect every company that handles information and data. Although it was part of EU law, it has since been moved over into British law.
In summary, the change in the rules and relegations are set to become more tighter and stringent with heavy penalties to all those who abuse how they handle data which is not in line with the proposed new legislation.
How can you prepare your business for GDPR?
A website is now a primary means of data collection for so many businesses and naturally the best place to start to ensure you are adhering to the new law . A good way to start this process is to map out all the different processes that collect data on your site within your company and outside of it.
Look at what data you have – is it relevant to your customers and where are they from? If you can break data down so you know which county, age, gender they fall into, it will be easier for you to respond to any requests from customers about information.
The new GDPR states that the authorities must be informed within 72 hours of a data breach, leak or loss. Having an action plan in place in case anything goes wrong is a great idea. How will you inform the authorities? How will you inform customers? What’s the plan to rebuild customer trust? What is your data recovery process? All these need to be taken into consideration as part of a Data Information strategy for those wanting to ensure they remain on the right side of the law.
The GDPR has a huge impact on many areas of different industries. The best advice is to read up as much as possible from reliable sources.