Unless you’ve been hiding under a rock over the past few months – or, if we dare suggest it, burying your head in the sand – then you’ll be well aware that we’re very quickly galloping towards the date when we all need to be compliant with the General Data Protection Regulation (GDPR). The legislation takes effect on 25thMay and it aims to give people a greater level of control over how their personal data is used and stored.
The obligations for employers here are obvious, and many. Just a few of the important things that you need to consider include how you collect and hold data on employees and candidates, how you afford people their right to be forgotten, and whether any third-party systems and software that you might be using are going to continue to be fit for purpose.
If you’re worried, you’re not alone. Research carried out by software firm Senzing found that 44% of companies were concerned about the pending deadline and their compliance. The implications of a data breach from 25thMay are pretty serious. You could face a fine of 4% of annual company turnover, or £17.8 million – whichever is greater.
Over the past few months, we’ve provided you with guidance around what you need to be looking at, and the changes that you’re likely to have to make before the deadline. So let’s not go back over old ground here. By now, it’s likely that you’ve got an understanding of where your focus needs to be. But there are still some important points to make…
Firstly, you can view GDPR as a burden. You can dread the organisation and potential upheaval that it’ll require, and the costs that you’re likely to incur. Or you can see this as an opportunity to strengthen your processes, eliminate issues and move forward knowing that you’re fulfilling your responsibilities.
Secondly, you don’t have to tackle all of this on your own. Reading general guides and commentary will get you so far, but your business is unique and it needs a tailored approach. Seeking out professional advice could save you a whole load of time, hassle and energy.
If you’ve been pushing GDPR to the bottom of your to do list, then let this be your wake-up call to get things moving in the right direction. Right now, we’ve got limited spaces in our diary for GDPR compliance reviews, so we can help you to assess what you need to focus on, and what really needs to be your priority. Get in touch today to arrange your session.