Why is the GDPR so important?
Many smaller businesses presume the GDPR doesn’t apply to them. This is not the case. Under the GDPR, any business that is involved in the handling or processing of personal data is subject to the same financial penalty as large businesses.
GDPR Data Breaches
Once the GDPR is in place, certain types of data breaches relating to your business must be reported to the Information Commissioner’s Office (ICO). Some businesses, depending on business type, will need to report all types of data breaches, so we recommend researching what applies to your specific business type in relation to a data breach.
What does our GDPR Consultancy include?
Our GDPR consultancy package for businesses in London contains an audit and GAP Analysis to identify non-compliant areas of your business and give you a series of recommendations and actions to achieve GDPR compliance. These actions can either be completed by Infinity Group or yourself at a later date.
GDPR Audit and GAP Analysis
Our GDPR Consultants will spend one day on site performing an audit of your current IT and Cyber Security setup within the business and undertake a comprehensive GAP analysis that will be sent to you. This will include:
• An overview of the current level of GDPR compliance within the business relating to IT and Cyber Security
• A comprehensive list of key recommendations and the actions required to prepare for GDPR compliance
• A set of recommendations and cross references to sections within the General Data Protection Regulation
How can you achieve GDPR compliance?
Raise awareness within your business about the GDPR
Ensure that all decision makers and key staff within the business are aware of the GDPR compliance requirements. Depending on your business type, your clients may also ask what they need to do to prepare for the GDPR and require your advice, so it’s certainly worth increasing your knowledge.
Document all business data
You should start to document what personal data is held within the business, where it came from and who you plan to share it with. By having this documented, you will also comply with the GDPR’s accountability principle, which requires businesses to demonstrate that effective policies and procedures are in place when it comes to data protection.
Awareness of customers’ rights
The GDPR includes the following rights for individuals:
• The right to be informed
• The right not to be subjected to automated decision making including profiling
• The right of access
• The right to object
• The right of rectification
• The right to erasure
• The right to restrict processing
• The right to data portability