What is the EU GDPR?
The General Data Protection Regulation (GDPR) is an EU data protection directive that introduced a series of ‘data subject’ rights in 2018 to ensure that all EU residents have control over their personal data. The GDPR still affects UK businesses, despite our decision to leave the EU.
Why is the GDPR so important?
Many smaller businesses across London presume the GDPR doesn’t apply to them. This is not the case. The GDPR’s regulations state that any business that is involved in the handling or processing of personal data would be subject to the same financial penalty as large businesses.
Recent GDPR Data Breaches
In line with the GDPR, certain types of data breaches relating to your business must be reported to the Information Commissioner’s Office (ICO). Recent examples of GDPR data breaches incurring large fines involved Marriott Hotels and British Airways.
What does our GDPR Consultancy include?
Our GDPR consultancy package for businesses in London contains an audit and GAP Analysis to identify non-compliant areas of your business and give you a series of recommendations and actions to achieve GDPR compliance. These actions can either be completed by Infinity Group or yourself at a later date.
GDPR Audit and GAP Analysis
Our GDPR Consultants will spend one day on site performing an audit of your current IT and Cyber Security setup within the business and undertake a comprehensive GAP analysis that will be sent to you. This will include: an overview of the current level of GDPR compliance within the business relating to IT and Cyber Security; a comprehensive list of key recommendations and the actions required to prepare for GDPR compliance; and a set of recommendations and cross references to sections within the General Data Protection Regulation.
How can you achieve GDPR compliance?
Raise awareness within your business about the GDPR
Ensure that all decision makers and key staff within the business are aware of the GDPR compliance requirements. Depending on your business type, your clients may also ask what they need to do to prepare for the GDPR and require your advice, so it’s certainly worth increasing your knowledge.
Document all business data
You should start to document what personal data is held within the business, where it came from and who you plan to share it with. By having this documented, you will also comply with the GDPR’s accountability principle, which requires businesses to demonstrate that effective policies and procedures are in place when it comes to data protection.