As the new GDPR (General Data Protection Regulation) legislation is now in force, you will need to check if you are compliant or risk receiving a €20M (Yes, that's 20 Million Euros) or more penalty.
Small companies with less than around 200 employees, or who process small amounts of customer data will not be expected to fulfil all aspects of the the GDPR entirely. However, all companies will have to show they are taking steps to better protect their customer's data whilst allowing them full control, including updating, transferring and destroying wherever practicable.
- You will need to ensure that you have explicit and recorded consent to share your customer's data (personal or identifiable) with any third parties, and to ensure you retain records of what you have shared with whom. This is a MUST for compliance.
- You will require secure storage and retrieval of customer data, allowing it to be updated as and when a customer requires it.
- You will need to securely transfer required customer data securely to and from third parties, controllers and processors.
- You will also need to carry out ongoing information audits, including removal of old records, checks on what types of data you are storing and how secure the data is.
- Your software and IT tools such as mailing and CRM comply with GDPR and you're not retaining any personal data you do not use.
- Additionally, all your employees must be informed about the new regulations and how it affects their responsibilities and their duties.
If you have no idea what the GDPR is or you need more information, full details of the GDPR are available at the Information Commissioner's Office, along with overviews, penalties and definitions of 'processor' and 'controller'.
Although GDPR compliance certification is not yet official, I offer a compliance check service and can offer solutions and advice to get you, and keep you, GDPR compliant...
- Information Audits;
- Data Storage Audits;
- Compliance Checking;
- Data Administration;
- Secure Data Solutions;
- Help and Advice;
Call or e-mail for further details,