GDPR: an idiot’s guide – General Data Protection Regulations

GDPR: an idiot’s guide has been written because Unleashed visited IP Expo in Manchester last week. It was great to meet some old friends and make some new ones. The general theme this year amongst a lot of the vendors was GDPR. Nearly everyone mentioned it in their literature, which is great. The only problem is that no one really knows what it means or how it is going to affect their business!

As a result, I have decided, on your behalf, to go through the available information and try to simplify what it means for you. Hence, GDPR: an idiot’s guide.

Most noteworthy, it doesn’t become law until 25th May 2018. This seems like a long time. However, by the time you have done your homework, planned it and got some budget, 12 months isn’t that long! Therefore, now is the time to start looking at it.

In a nutshell, GDPR is about protecting personal information. As we all know, a lot of personal information has been collected illegally through businesses being hacked. Now, as part of this new government legislation, if your data is breached you must report it within 72 hours or face a fine of 4% of your revenue.

What does this mean in real money?

Below are three UK companies that are currently doing well. Please note, I have only picked them because I could find their turnover, for no other reason. This data has been taken from Forbes and is correct to 2014. The first figure is the approx. turnover and the second figure is the 4% fine if they are breached and do not report it within 72 hours.

  • Amigo Loans: £127m, £5m
  • Oakman Inns and Restaurants: £19m, £76k
  • Fletchers Solicitors: £16m, £64k

4% doesn’t seem like a lot. However, it can be a significant cost if you have to pay it. One thing I must also mention: Brexit makes no difference; this is going ahead.

Some Useful GDPR information

Personal information is defined as – name, address, phone number, bank/credit cards, email address and IP address.

Who does it affect? – Businesses based in the EU that collect or hold personal data on EU citizens, no matter where they reside.

How does it affect your business? – How you collect, store and record personal data, and all processing of that data.

Steps you can take to mitigate risk

  • Look at where your data is stored
  • How long you store personal data, and whether it is still relevant. If not, you must delete it. If the individual asks you to delete it, you must.
  • Governance surrounding access to any personal data
  • Monitoring who has access to that data

Still confused?

Finally, if you are still confused, would like more clarity, or would like to start the planning process, give Unleashed a call on 0333 240 0565 to arrange an informal chat with one of our experts, or have a look at our dedicated GDPR page.