Making a start on GDPR

Getting my business ready for the GDPRaagh.

We’ve all heard about it and know we should be doing something about it, so here’s my journey with GDPRaagh so far, with a few tips on what you should be considering before the 25th May.

Don’t worry, I’m not going to go over the regulations!

But here is a link to the ICO should you not be aware: https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/

So, here’s what I have done so far;

  • Audit: I conducted an audit of what devices and software applications I have and the data I collect, including access and any permissions. This audit is a working document which will be updated as my business develops, and the regulations are updated. It has given me a clear picture of what data I have and where it is.
  • Data Storage: Finding out where the data I hold is stored was the next big step. I had to consider any suppliers, or for example, any plugins on my website and find out if they were GDPR compliant; were they holding data outside of the EU and if yes what were they doing to comply with the new regulations?
  • Security: I have looked at making sure all my devices are encrypted and malware is up to date. I’ve taken a look at Cyber Essentials and always make sure I backup regularly.
  • Mailing Lists: I have reviewed my mailing lists and am ready with guidelines for new consent regulations, positive Opt-ins, clear and concise information and what needs to be taken into consideration.
  • Data Policy: I’m now in the process of updating my data policy to reflect all these changes.

Am I finished?

No, there is still plenty of on-going work to do! For example, I need to look at my data retention policy and I am working on a data breach plan. I’m also waiting for more announcements from the ICO as we edge closer to May and will need to adapt to comply with these.

Will this make you compliant?

No, just doing the above will not make your business compliant as we are all different and it is in fact much more in depth! The main thing is I have started – have you?

How can I help you with GDPR?

I have attended various seminars and webinars and have been working with my fellow VA’s in getting ourselves ready, with the aim of supporting our clients and other SME’s. If you would like to know how to get started on your GDPR journey please join us at the Warwickshire VA Network GDPR L Plates for Small Business event in Coventry. There are 2 dates to choose from. See https://www.eventbrite.co.uk/e/gdpr-l-plates-for-small-businesses-tickets-43239710137 for further details and please don’t hesitate to contact me if you require tailored support at this stage.

#GDPR #Business #Enterprise #Data #Regulation