365 days to go to until GDPR enforcement?
Well probably not!
We all know that there are usually 365 days in a year (366 for leaps), but in the business world that is not necessarily the case.
When speaking with a potential client at the beginning of the year about the new General Data Protection Regulations (GDPR) being enforced from 25th May 2018, it seemed such a long way away.
However after explaining that once staff holiday, bank holidays and festive closures needed to be taken account of, there were not actually that many business days left to prepare, document and implement any changes to be compliant with the new legislation from day one.
So here we are, approximately twelve months to go or more likely less than 254 business days away, less any holiday allowance.
What is it GDPR all about?
It’s very basically about personal data; any information that relates or identifies us as individuals and how that data is then ‘processed’ going forwards.
GDPR is an update of existing data protection and in part, privacy legislation, but takes current technologies into account and the way we work with them both now and in the future.
We all perhaps take our personal privacy for granted; we have choices about how much information we disclose, how and to whom; be it applying for jobs, subscribing to website membership, setting up social media accounts, online shopping etc. There is a belief that in doing so we automatically trust those who receive our personal data/information that it will be used only for the purposes it was intended and that it will be kept in a confidential and secure manner.
GDPR’s there to ensure our personal data is processed in a transparent, compliant way and that data breaches in whatever guise occur with less frequency. They also introduce a duty on all organisations to report certain types of data breach to the Information Commissioners Office (ICO), the supervisory authority and in some cases to the individuals affected.
At eNaycH we very much doubt that data breaches could ever be eliminated completely, but by training employees and raising awareness generally then implementing procedures, policies and processes to secure personal data, hopefully we will all see the number of data breaches lessen.
Details on these pages are not designed to be the full or comprehensive list of regulatory changes, nor in any way meant to be taken as legal advice. They have been used to highlight some of the important changes that may need some attention prior to the May 2018 deadline for compliance.