General Data Protection Regulations

On 25th May 2018, new legislation will come into effect affecting all businesses handling personal data.

Whilst much of the GDPR is similar in spirit to that of the Data Protection Act, GDPR broadens the coverage of data protection legislation, with significantly increased penalties for breaches.

Complying with GDPR can mean big changes to internal policies, procedures, IT infrastructure and relationships with 3rd party service providers. It is vital that you review your current data processing activities and procedures to ensure that you are compliant with General Data Protection Regulations before May.

Who will be affected by GDPR?

If you have any interaction with individuals, businesses from all industries will be affected by GDPR.

Companies that may have previously avoided data protection compliance issues will now be subject to new obligations. These may include:

  • Web developers and website hosts
  • Shops and retail
  • Garages / vehicle services
  • Trades people

Due to the sensitive data they may hold, some organisations may require more detailed review and overhaul of processes and documentation. Those industries will include:

  • Healthcare
  • Law firms, accountants and other professional services
  • Care Homes
  • IT and Technology

The most important advice on GDPR is do not panic, and see GDPR compliance as an opportunity to promote the quality of the service you provide to your clients and customers.

How BRM can help you with GDPR

  • Assessing areas of your business affected by the legislation.
  • Auditing current personal data policies and procedures.
  • Auditing technical infrastructure.
  • Advise where you are not compliant with GDPR and changes you must make.
  • Work with you to produce a tailored action plan to help make you compliant before May 2018
  • Update company policies, contracts, terms of business for customers, suppliers and service providers
  • Update employment and HR policies and procedures including staff handbooks, and contracts of employment
  • Conduct ongoing reviews of your data protection activities post-May 2018 to ensure that your business remains complian

For advice for your business on GDPR compliance

Contact Us