What is GDPR?
You would have had to be living in a cave for the past few months not to have heard of GDPR. Whilst you may have heard these letters thrown around in business conversations, you may not know exactly what they mean.
To help you along the way, we have put together our guide to GDPR, covering some of the basics that you are going to need to know before it comes into force in May 2018.
What is GDPR?
At the moment, the UK Data Protection Act 1998 is the legislation to follow in order to ensure that you are handling data protection properly. However, for the past 4 years, the EU has been working on the GDPR, or General Data Protection Regulation. The aim of this regulation is not only to be tougher on those who breach data protection, but also to ensure that people have more say over how their data is used. It also ensures that data protection rules are much the same throughout the entire EU, rather than there being differences from country to country.
Who needs to be mindful of GDPR?
If you have control of data or you process data as a part of your business, then you need to be aware of GDPR. It doesn’t matter if you are a company working towards making a profit, a charity body or even the government. Any kind of data will be protected as a part of the regulations.
What does it actually mean for business and for the general public?
The GDPR report contains some 200 pages, which means that there are plenty of things that you need to consider when it comes to managing, storing and using data that you may hold as a business. However, to help you with the basics, here are some of the key aspects of the GDPR.
One of the largest areas has to be consent. This means that any business that holds data on its customers needs to ask for consent from each individual. It also needs to make sure that it advises them exactly what the data will be used for. The individual also has the right to ask for access to the data that is held on them. The company will not only need to be able to provide electronic copies of this data, but also explain how the data is stored and what it is going to be used for.
Individuals can also ask for their data to be deleted at any time, and ask that the company does not share it with any third parties. This is an important part of the regulations and one that has a great impact on the general public.
As part of the regulations, businesses that hold personal data will need to appoint a Data Protection Officer within their business. However, this doesn’t have to be someone new and can instead be a current employee who has received the relevant training. If there are any data breaches within the business, then they need to ensure that they have notified their relevant supervisory body within 72 hours.
Any failure to uphold these rules will result in a substantial fine. This is as much as 4% of the annual global turnover of the business and is a huge reason why you should be taking GDPR seriously.
Now that you know a little more about GDPR, there really is no better time to think about how it will affect your business. Take the time to consider what changes you need to make and then make them sooner rather than later. Otherwise, you may find yourself in some serious trouble when GDPR fully comes into force.
Terahost can help you with your GDPR compliance by providing a secure and solid backup strategy, robust cybersecurity and disaster recovery planning. Call or contact us today and let’s see how we can help you: 0161 327 2829