There’s recently been a mass email message from Google about General Data Protection Regulation (GDPR)
So people are understandably starting to ask what GDPR is all about and what they need to do.
First off, up front; Urban Haze is not officially GDPR certified to provide GDPR advice.
(it costs a lot of money to get officially GDPR training certified – and is difficult to justify those costs being passed on to our clients!)
That said, we know a fair bit about Data Protection 🙂
Here’s a brief and paraphrased explanation of what GDPR is all about…..
GDPR is the new version of the Data Protection Act – a big refresh long overdue after 20 years
This legislation becomes comes enforceable on May 25th 2018.
Yes it’s European legislation but No, Brexit will not affect it at all, it’s happening regardless of Brexit !
GDPR requires that businesses take action, which is primarily to nominate a Data Protection Officer (DPO) within the organisation.
Even small one man band businesses need to do this !
The implication is that a business’s nominated DPO would have to have knowledge of Data Protection as well as their company’s data, so it’s a move to try and get companies to take Data Protection more seriously and act upon it where necessary.
You can kind of think of it as similar to the move that happened to make places wheelchair friendly, be more accessible or perhaps the push to get organisations compliant with health and safety, or even the rules to make boiler plumbers Corgi registered.
– ultimately work and some costs for businesses, but very much in the best interests – although some may say perhaps over legislated in some cases
– in this case it’s done with the idea of tightening up business’s data and security.
There is a lot of media hype about the fines – they’re quoting the maximum which is 20 Million Euros or 4% of a business’s annual turnover – really meant to simply end any business that isn’t compliant. But do take that with a pinch of salt. They are most likely to going to be going after the big organisations that aren’t compliant and the worst offenders with these fines first, before picking on the little guys – but that’s not to say it couldn’t happen – also the fines for smaller companies are unlikely to be so ridiculously large – although expect them to still be significant.
t’s not a requirement that you seek advice from a certified professional, but it is a very good idea to find out more about GDPR, and it’s up to you to choose the level of professional advice that you take and can afford.
Google’s recent email asks users to log in to their admin console and make some changes to the settings in the Legal and Compliance steps
Please do as they ask and follow the steps
If you’re an Urban Haze client (or would like to become one!) and need any help doing this, please just get in touch
Please do remember that ultimately the onus is always on the business owner to make sure their own company is GDPR compliant.