Small businesses, here’s what you need to know about GDPR
On May of this year, General Data Protection Regulation (more commonly
known as GDPR) came into effect. With the vast majority of businesses large and
small utilising peoples’ data in some way, shape or form, there are few that
won’t be affected, yet an alarmingly high number are unaware of how GDPR will
alter their day-to-day practices or what they must do in order to ensure
they’re compliant. Considering that the maximum fine for breaching this
legislation can now potentially run into multi-million-pound territory, we here
at Fields Data Recovery
want to help – that’s why we’ve written about the most important things all
businesses need to know about GDPR:
People have a right to access their data
Granted, people had a right to request you send them any data you may
have about them previously, but you could request that they cover the costs
you’d accrue compiling and sending it to them. Now, following the introduction
of GDPR, you’ll need to provide this information to anyone that requests it and
will need to do so without charging them.
You need to be transparent and ensure you have consent
A few months ago, your personal inbox was probably full of messages from
various companies informing you of the latest changes to their privacy policies
and requesting that you consent to them. Perhaps you, like many, assumed that
these were being sent as part of a marketing campaign; they were actually in
preparation for GDPR.
In accordance with this new piece of legislation, companies must now
have people’s express permission to retain and use their data for marketing
purpose. Additionally, they also need to ensure that their privacy policies are
as transparent as possible and that people consent to them in order for them to
maintain contact with the customer.
It’s time to encrypt your data
It’s always been best practice but, following the introduction of GDPR, data
encryption is now mandatory for companies of all sizes. Failing to do it
won’t automatically result in you falling foul of the legislation and landing a
fine but, as accompanies attempts to protect customers’ data will directly
influence the cost of any fine they’re issued with should they suffer a data
breach. As a result, companies that encrypt their data are proactively reducing
any potential fine they may be issued from the get go.
Conclusion
Whilst we at Fields Data Recovery believe that the three points
discussed above are vital, GDPR has brought a series of changes which no
company can ignore. If you’ve not yet acted and made changes in accordance with
this new policy, it’s of the utmost importance that you identify what you need
to do in order to ensure compliance and take action post haste.