6 Things an SME should know about GDPR
The General Data Protection Regulation comes into force on 25th May 2018. GDPR reflects the increasing importance of personal data since the previous Data Protection Act came into force back in 1998.
The Regulation substantially tightens and toughens the requirements on Enterprises and SMEs that store, share, send and receive the personal data of an EU citizen.
Personal data is defined as "any information relating to an individual, whether it relates to his or her private, professional or public life. It can be anything from a name, a home address, a photo, an email address, bank details, posts on social networking websites, medical information, or a computer's IP address."
If you show that your SME is ahead of the game, you may find yourself with a competitive advantage over your rivals when it comes to tendering for business.
This is where a large number of Companies and SMEs are going to struggle. Companies and SMEs are obliged not only to comply with GDPR but also to prove their compliance. Businesses are expected to design, develop and implement business processes for products and services in which data protection is a significant consideration. You will need to adhere to the principles of Privacy by Design and Privacy by Default (Article 25). Such measures may include data encryption (Recital 78).
How is a Small Business going to go about proving that it is compliant with the act, especially when it has customer data on several different spreadsheets across several different functional areas of the business?
Why is this important? The maximum fine for failing to comply is €20m. (Granted that it is unlikely for an SME to fall foul of such a fine, but it goes somewhat to prove the seriousness of the Regulation. And remember the UK is still part of the EU when this comes into effect).
Perhaps develop and foster a culture where employees feel protected in self-reporting when they have made honest blunders.
So here are the 6 things:
So where can SMEs get additional help and support?
There are extensive resources available to help you make sure that you are compliant by 25th May 2018.
Drop me a line for any help on how Cloud-based apps can help you mitigate the risk of falling foul of GDPR.