The GDPR document provides information about the General Data Protection Regulation (GDPR) and what small to medium sized businesses in the UK need to know to comply. Key points include:
1) GDPR takes effect on May 25, 2018 and aims to strengthen data protection for all EU citizens and regulate how their personal data is processed.
2) Non-compliance can result in fines of up to 20 million Euros or 4% of annual turnover.
3) Key areas of responsibility include IT, senior management, and marketing ensuring policies and processes are updated.
Call 7737669865 Vadodara Call Girls Service at your Door Step Available All Time
GDPR: What UK SMBs should know
1. GDPRWHAT UK SMBs
SHOULD KNOW
The growth of the digital economy
is at the centre of why the GDPR is
being put into place.
The Information Commissioner’s
Office (ICO) confirmed that the
UK will still implement GPDR
despite Brexit.
GDPR WILL BE
ENFORCED:
25 MAY
2018
72HOURS
The amount of time
you have to declare
a data breach.
GDPR is in place to enforce
rules on how personal data
is processed and protected.
For non-compliance, you can face a
fine of up to €20,000,000 or 4% of
your annual turnover.
IT, Senior Management and
Marketing are the main
departments that will
be responsible for
ensuring compliance.
People have to provide
consent for their personal
data to be processed.
Companies have to
delete data if an individual
revokes consent.
Companies have to
delete data that is no
longer needed for its
original purpose.
The processing of data for
children under 16 years of
age requires parental
consent.
UK POPULATION
65 MILLION
More than HALF OF THE UK still
unware of GDPR
Over 70% of UK adults said
they’ve not been informed about
the GDPR by their employer
44% of UK businesses are aware that
they have suffered a data breach, 69%
of which lost personal data as a result
GDPR applies to all industries including:
Academic Health Construction IT Entertainment
GDPR applies to all
countries worldwide
that process UK or EU
data.
80% of UK SMBs
use security software,
20% have no defences
at all.
Becrypt’s Data Protection Suite can protect your organisation’s personal data on
multiple devices, making the first step towards GDPR compliance easy and cost
effective.
Call Grey Matter on +44 (0) 1364 654100 or email maildesk@greymatter.com
to find out more about GDPR and how Becrypt can help your organisation prevent
data breaches.
References
• www.twobirds.com/en/news/articles/2016/global/what-should-smes-do-to-prepare-for-the-upcoming-gdpr
• www.scmagazineuk.com/more-than-half-of-uk-businesses-still-not-fully-aware-of-eu-gdpr/article/633669/
• researchbriefings.files.parliament.uk/documents/SN06152/SN06152.pdf
• www.computerweekly.com/news/450412202/EUs-General-Data-Protection-Regulation-unknown-to-most-UK-adults
• www.worldometers.info/world-population/uk-population/
• www.information-age.com/2-5-uk-businesses-still-unaware-eus-new-data-law-despite-prospect-hefty-fines-123461295/
• www.assign-it.co.uk/gdpr-the-ico-announces-that-the-uk-is-going-ahead-with-the-reform-of-data-protection-rules-in-may-2018/
• www.itproportal.com/2016/07/12/it-security-why-small-businesses-suffer-most-when-hackers-attack/
• www.computerweekly.com/news/4500270456/EU-data-protection-rules-affect-everyone-say-legal-experts
GDPR aims to minimise the
collection of personal data as
well as minimise the length of
time a consumer’s data is kept for.
SMBs with less than 250
employees will not necessarily
have to maintain a record of
data processes activities, unless
the process causes a risk to
rights or relates to crime.
Sole trader or small business
working from home? If you use
data in relation to commercial
activities, then
you will still have
to securely process
or send data.
RECORDSRECORDS
If your company processes a
large amount of sensitive data
you may have to hire a Data
Protection Officer (DPO).
If that doesn’t apply it
is still worth nominating
a staff member internally to
help to focus implementation
and drive responsibility.
Building competences up
internally over time will
improve your overall strategy.
SMBs are still urged to be
more proactive and follow a
risk-based approach
to data protection
and privacy.
Start documenting your data processing
practices in a basic way, such as a
spreadsheet – define
categories of data, the
purpose of the data and
who’s responsible for the
data.
20% of UK IT decision makers are
unaware of GDPR
DATA BREACH
?
5.4 million SMBs in the UK
The first step to begin GDPR compliance?
Encryption – converting your data into code,
preventing unauthorised access.
DPO JOB
GDPR IMPLEMENTATION
What you need to know