Is your business ready for GDPR?

How your business collects, processes and stores customer data is set to be affected by new rules that will come in on 25 may 2018. The General Data Protection Regulation (GDPR) will reform existing cyber-security and data protection practices currently in place and impose heavy fines on businesses that fail to protect their customer data.

Companies will need to obtain clear affirmation consent from individual parties before initiating data collection activities, identify all personal data and assess how the data is store and for what purposes. If they are selling products and/or services to children then they will need to obtain explicit parental consent for any data collected.

Fines that can be levied for failure to comply are significantly harsher than those presently under the Data Protection Act. The GDPR will impose fines of an upper limit of £17.5 million or 4% of a company’s global turnover.

Awareness of the new rules was relatively low amongst businesses with a recent YourGov survey of over 2000 UK businesses indicating just under 30% being aware of their introduction. The Information Commissioner’s Office has information about the GDPR on its data protection reform website, where you will find a checklist to help your business get ready for the new rules.