If you use email (which you probably do!) or you have a LinkedIn profile and you review your feed, you might, just might, have heard of something called GDPR. Though you might have heard of it, do you understand what it is or how it's going to affect the way your business operates?
What is GDPR? Simple Explanation.
The European Union is introducing a new piece of regulation in May 2018 called the General Data Protection Regulation, which is an EU-wide data protection regulation. In the UK, this is a replacement for the outdated Data Protection Act of 1998.
If you think about how different the world has become in the last twenty years, from 1998 to 2018, you can see this update is well overdue. In 1998 we had no Facebook, no Twitter, and digital marketing was in its infancy. Did we place the same value on data back then that we do now? No way!
Key phrases to be aware of
- Data Protection Officer – an expert on data privacy who works independently to ensure that an entity is adhering to the policies and procedures set forth in the GDPR.
- Personal Identifiable Data – any and all information related to a person or ‘Data Subject’ that can be used to identify the person directly or indirectly.
- Right to be Forgotten – entitles the data subject to have a copy of all the data you hold on them, and gives the data subject the ability to request that you erase his/her personal data, cease further dissemination of the data, and potentially have third parties cease processing of the data.
Where to start?
Lots of the articles and content that you’ll see around GDPR include scare tactics, threatening huge fines that would probably jeopardise the entire existence of your business! And yes, whilst being fined is a possibility, there will be a period where the regulations become better defined and everyone will have a greater understanding of what compliance looks like.
At Mirus, we believe that a great way for businesses and Compliance Managers to better understand GDPR is to look at this in a different way – GIVE DATA PROPER RESPECT.
If we Give Data Proper Respect, there are a whole number of areas in which we can help you start to address some of the issues that GDPR is going to create for your business.
- Cyber Essentials – Get certified. The Cyber Essentials Certification is a government-backed scheme to drive improved cyber security. If you protect your data, your business is off to a pretty good start towards compliance!
- Backup and Disaster Recovery – If you’re going to treat data with respect then you will need to ensure that you have secure and regular backups and that your data is accessible in the event of a disaster.
- Legacy Data – How do you deal with data you collate over time and do nothing with? For example, CV databases within recruitment companies. How long can that data be held until the person has a Right to be Forgotten? We can help to get a secure process in place.
- Processes – You need to review your current processes around the data that you currently hold, and understand what needs to change to ensure that you truly Give Data Proper Respect.