GDPR – KEEP IT UNDER REVIEW
Over the last few weeks we have looked at some of the key areas of GDPR and how you can take some practical steps to move you towards compliance. Our blogs cannot cover every aspect of GDPR and if you want further help or guidance there are some useful links below. A good reference point is the ICO website (the information Commission Office.
But before we end this blog series there is one final recommendation we have …
There is no quick fix to becoming (and remaining) GDPR compliant. It will be an ongoing process and you need to keep it under review. You will most likely end up with a big ‘to do list’ after you have been through the steps we have outlined and it will take time to work through these. Try to prioritise i.e. where could there be the most serious breaches?
The good news is that the Information Commissions Office’s priority is to help companies with compliance. They have said that “it’s scaremongering to suggest that we’ll be making early examples of organisations for minor infringements or that maximum fines will become the norm”. The ICO will want to see that organisations are working towards compliance – but also accept that compliance is an ongoing journey. If you have taken the steps set out in our blogs you will be well on your way.
Having a data register and making sure you record the questions you ask (and responses and actions taken) will help with this significantly.
You can also look at GDPR as an opportunity for some good housekeeping – we are all guilty of keeping data and information for far longer than we need to.
But your biggest allies (or your biggest potential risk) with GDPR are your employees. If you can create a culture where everyone respects personal data and complies with the working practices you put in place and the associated GDPR policy documents that you will need to implement, then this is the best way to become and remain compliant.
Detailed below are some useful links for further guidance. Practical HR can also provide you with support with our self-audit/gap analysis, draft policy document, training or on-site audits. Through our software YourHR.space we can also help with the on-going control, management, training and communication around GDPR.
If we can be of assistance please do not hesitate to contact us on 01702 216573 or email me at email@example.com
The information commissioner – Telephone number: 0303 123 1113