Our website will undergo scheduled maintenance on 28th and 29th November. During this period, you will be unable to access the website or book onto any events. We apologise for any inconvenience and appreciate your understanding.

The EU’s General Data Protection Regulation (GDPR) - Our six top tips

The EU’s General Data Protection Regulation (GDPR) comes into force on 25th May 2018. Here are our six top tips on things SME’s need to be doing right now to prepare for GDPR.

Guide

1 min read

1. Overview

The EU’s General Data Protection Regulation (GDPR) comes into force on 25th May 2018. This will apply to all businesses and organisations that are offering goods and services to EU citizens, or to those monitoring the behaviour of EU citizens, or who are processing personal data.

Here are our six top tips on things SME’s need to be doing right now to prepare for GDPR:

2. Review it now

This is the biggest update to data protection law since the current EU Data Protection directive which was established in 1995. Preparing for GDPR will need your full attention and it will take time to implement new processes and procedures across your business. Review the legislation online now.

3. Understand the new changes

Many of them will impact your current processes, such as an individuals right to be forgotten and subject access requests. You may need to draw up a plan for responding to such requests as with most cases under GDPR you only have one month to reply.

4. Map out what data and personal data you store

It is essential that you understand where it is stored, what systems you use and how you use it. Consider whether invasive means of collecting personal data are used and if the data is processed fairly and lawfully. This means informing people about the purpose and use of personal data collected and how your business will process that. At this stage you may want to consider a privacy impact assessment.

5. Securely delete old data

If you are storing data that you no longer require (and are not legally obliged to keep) then securely delete it. Disposing of unnecessary data will help reduce risk. But make sure you securely erase it with specialist equipment and software.

6. Let your employees and suppliers know

Make sure all of your employees and suppliers are aware of any changes to your processes and procedures that may impact them. They will also need time to adjust and prepare.

7. More information

Visit the Information Commissioners Office (ico) website for up to date information on GDPR, useful guides on what steps you need to take and when.

Get the support you need right now

You can connect with us through the contact form, call us or contact your local Business Gateway office.

You might also be interested in

Cyber resilience

Big or small, businesses are at risk of attacks from cyber criminals. Our tutorial will help protect your business from cyber crime. You’ll learn how to best prevent and cope with criminal activity.

Apps for business

Using apps to interact with brands and services has become second nature to customers. Find out if an app is the right next step for your business.

Video for business

Video content is the marketing tool of the moment. It is a really engaging way of showcasing your business to both existing customers and potential new ones.