Unless you have been living under a rock, it has been hard to miss the media frenzy surrounding General Data Protection Regulation (GDPR). Although there is already a data protection law in place, on the 25 May 2018, the life of any business holding personal data will change forever when the GDPR becomes enforceable throughout Europe.

The scale of these imminent changes has created a wave of uncertainty, with some companies panicking about how they’re going to carry on communicating with customers. Others are burying their heads in the sand, trying desperately to delay the need to act because, quite frankly, they don’t know what to do next.

If anything can be taken from the changes, it is not to panic, but act now!

We at SF Group (an Ignata business) are not subject matter experts on GDPR which is why we work with a wide network of consultants and organisations to bring you the best possible advice. We recently held a breakfast seminar in Nottingham with Phil Webster MBA who talked through some of the do’s and don’ts and why GDPR should be an opportunity to streamline your business and not restrict it. Here he shared some of the things you need to think about below;

  • Who do you hold information about? E.g. staff, clients, suppliers
  • ​What information do you hold about them?
  • Who do you share it with?
  • How long do you keep it?
  • ​How do you keep it safe?
  • Is any data transferred within or outside the EU?
  • How do we or our customers and/or suppliers process data?

Spending time on carrying out these steps will put you in a good position to move on to subsequent steps in the ICO’s document on the ‘12 steps’ which can be found ICO – 12 steps

We support our clients with insight, thought leadership and consultancy and will be holding similar events throughout the year, so please check out our events here