The General Data Protection Regulation (GDPR) is upon us and will change the way companies hold and collect data in the European Union. The legislation will increase privacy for individuals and could lead to heavy fines for businesses that don’t comply. Businesses need to sort their processes regardless of whether Brexit comes into play.
As a business owner or an employee, you must be aware of what is changing and what is new when it comes to data protection. This means getting ahead of what you need to have in place to show the authorities you understand and comply with the new regulation.
What is GDPR?
The GDPR is a new legislation, governed by the Information Commissioner’s Office (ICO) that will protect people’s data.
Firstly, to get ready, you should document what personal data you hold, how you got it and whether you share it with anyone. Organising an audit would be ideal as it will show the ICO you’re approaching GDPR in the most efficient way.
Check your privacy notices and procedures. How will you delete personal data? Individuals will have the right to request what information you have on them, how you send it to them? How will you check they are who they say they are?
You should review how you seek and manage consent. For example, traditionally, people had to opt out of being on mailing lists; with the GDPR, businesses will have to change that, so people have to opt into a mailing list after leaving their information.
Every business should ideally elect a data protection officer who can take responsibility for data protection. You must have a process in place for the data protection officer to detect and report data breaches that comply with the GDPR.
What could happen as a result of failing to comply with the GDPR?
GDPR is a serious matter, one which should not be ignored. Failure to comply with the GDPR could result in a maximum fine of €20,000,000 or four percent of the global turnover from the preceding year.
How can SureStore Help?
Archiving
One way we already help many businesses is providing space for the files they need to store safely for their records. Many businesses need to keep files safe for many years, even after dealing with a client has come to an end. The best way to do this is through a SureStore storage unit. This avoids the files taking up room in an office and open to anyone in the office, employee or visitor accessing the information.
If your business requires you to hold on to information in this way, do it in a GDPR compliant way, involving a secure storage unit. Our storage units come with 24/7 CCTV surveillance and our locations are manned during business hours Monday to Friday. As our client, only you will hold a key to the unit, meaning no one else will have access to the files.
Shredding
Destroying individual’s physical data maybe something you’ll need to factor into your GDPR compliance process. A new service we have recently started providing, which you can read into here, is our shredding service. A service that a number of our clients have asked for has now become available and we can shred more than just paper. Industrial shredders can shred cardboard, CD’s and DVD’s and even hard drives.
Businesses need to comply with the new regulation and we suggest reading further into GDPR. The governing body, ICO have produced this document to help employers and employees.
If you live in the North West of England, SureStore can help. We have various sites across the region, including Bolton, Cannock, and Burton-on-Trent, with more opening in Manchester, Birmingham, Leeds and elsewhere soon. Talk to one of our experts by contacting us via our website.