Have you heard? You MUST have heard by now?!
Everyone is talking about this and quite a few of us are now finally doing something about it…
And no, I am not talking about the Cambridge/Facebook data scandal, but something even more important to your business – GDPR!
GDPR is happening in May. We have had 2 years to get ready for it, but like many changes to legislation, it will be a sprint finish to the line rather than a slow, marathon-like approach to hitting the deadline. The deadline is the 25th May 2018 for most companies – big or small.
There are so many resources out there, so let me simplify it and then you can check out various elements further, depending on your own company’s needs.
If you do any sort of work that involves keeping your clients’ details in digital format, online marketing, or using your website to gather client information (asking users to sign up to newsletters, send you contact forms, etc.), you need to have the right policies and processes in place to meet the new GDPR legislation.
You need to be able to demonstrate and prove that you know the following:
- how you collected the data and through what processes
- where the data you have is being held
- how secure the data is
- why you need it
- what you will do with it
- how you will get rid of it once you do not need it
It is very simple – you want to, and more importantly will need to, deal with your data like you would with your clients. You care about keeping your clients, so you should care about how you are keeping their data. The ICO website has lots of great resources and templates for you to use.
My top 5 actions for you to consider completing before May:
- Register with the ICO at www.ico.org.uk if you are not already
- Review the online checklist in terms of your own business – don’t have a generic approach
- Review and update the security of your devices – are your laptop and phone encrypted? What is your plan if you get hacked? (You will have to let the ICO know if this happens.)
- Create a table (a spreadsheet works well) with all the data you hold, where it is held, how it is processed and the lawful basis, using the GDPR template available on the ICO website
- Update (or create) your privacy policy, cookie and data protection policy and your legal contracts
Also, you cannot just ignore this – the fines are huge – we are talking millions!! (Fun Fact – Sweden have even doubled their fines)
So, I urge you to do the right thing by your clients and their data and get GDPR ready.
Getting GDPR ready will make you more aware of how much data is actually out there and how we need to be responsible for it.
If you would like to find out how a Virtual Assistant can support you and your business, check out the services we offer and contact us.