What does GDPR mean for Small and Medium businesses?
GDPR seems to be all anybody in the cooperate world is talking about now, with people offering classes on the new law change, to people deleting everything they have on file to do with users cough Wetherspoon's Social Media. GDPR is the flavour of the month, and the conversation is getting a little wild!
What does it mean?
For the majority of us who have good practice, it’s nothing to worry about. The information commissioner isn’t out to get people and shut down small businesses who make up the majority of the UK’s GPD, but there are some things to keep in mind!
- The law is definitely changing so key decision makers and people in charge of databases should familiarise themselves with the changes.
- Make sure that all the information you hold is documented, that you know who you got it from and who you share it with, if you don’t, get rid of it!
- You should review your privacy information. Put in a plan for making necessary changes in time for GDPR.
- Check your procedures! Make sure they are applied to consumer rights and that you have a process in place for deleting and providing personal data, electronically and in a commonly used format.
- You should update your procedures and plan how you handle requests with the new required time scales.
- You should identify the lawful basis for your processing activity in the GDPR, document it and update your privacy notice to explain it.
- You should review how you seek, record and manage consent and whether you need to make any changes. Refresh existing consents now if they don’t meet the GDPR standard.
- You should start thinking now about whether you need to put systems in place to verify individuals’ ages and to obtain parental or guardian consent for any data processing activity.
- You should make sure you have the right procedures in place to detect, report and investigate a personal data breach.
- You should familiarise yourself now with the ICO’s code of practice on Privacy Impact Assessments as well as the latest guidance from the Article 29 Working Party, and work out how and when to implement them in your organisation.
- You should consider whether you are required to formally designate a Data Protection Officer.
All of this information is 1. Free and 2. Available from the Information Commissioners Office Website.
Stay safe with our maintenance package
If you are worried that you might not have some of the processes in place and are looking for a little more support we’re re-launching our support package just in time for GDPR.
If you have a website that stores the personal information of your clients, you should have a support package to make sure you aren’t likely to get hacked as well as being able to keep your website up-to-date and working properly, to avoid having to scrap the whole thing and start from scratch.
The benefits of a support package
- Never worry about updates again! We’ll do all the updating of your site each month to make sure it’s working in tip- top condition
- Keep your site working hard for you
- Keep your site meeting user’s needs.
- If something breaks – we’ll fix it, if a piece of code no longer works on your site we’ll go in to see what’s happening. The same with if a button stops working, so a user can’t do what they want with the site
- Advice on how to manage content and upload new pages.
Get in touch today to find out more and set up your monthly support package.