If May 25th 2018 is not already highlighted on your calendar then I suggest that you mark it now.
Because after this date, failure to comply with the new General Data Protection Regulations (GDPR) could result in a £20M fine or 4% of your organisation’s global turnover (whatever is the greater.)
What is driving this change?
With cyber security attacks and spamming by mail, phone and digitally every on the increase, this legislation aims to put control back in the hands of the individual over their personal data.
So what is required and who will be impacted?
Any organisation that holds information on individuals will have to prove how they sourced the information and that the individuals have given permission to contact them. In addition, any employees involved in the process of gathering and communicating with these individuals will need to be trained and supported on what they can and cannot do.
This change in the use of personal data needs to be on the radar of all organisations, no matter how large or small. Likewise, Brexit will not provide an opportunity to avoid this legislation with the U.K. government already stating that compliance with the GDPR legislation is critical.
The Information Commissioners Office (ICO), sponsored by the Department for Digital, Culture Media and Sport is providing up-to-date information on the regulation and the requirements that organisations will need to meet; however, meeting the technical requirements and ensuring that employees are aware of their responsibilities and have the motivation and ability to follow these new procedures will require change management expertise and support.
For support in ensuring that your organisation is ready for the May 25th deadline please contact us on 03450 523593 or email firstname.lastname@example.org.