Data Protection – Are you compliant?
GDPR came into force on 25 May 2018, closely followed by the Data Protection Act 2018. This was a fundamental change to the previous regime, that had been in place for some 20 years.
Many businesses spent a great deal of time and effort producing new policies and statements in the run up to 25 May 2018. Many other businesses are still working through that task today, or for whatever reason still haven’t got to grips with their obligations. But in whichever case, having the right documentation is only part of the battle. If your shiny new policies and statements sit in a desk drawer gathering dust, then they are likely to be of little or no benefit to your business. Equally important is ensuring that your management and staff have a clear understanding of their responsibilities.
Sills & Betteridge provide three linked areas of advice in relation to data protection compliance:
- Step One – producing appropriate policies, statements and documentation to protect your business – tailored to your business rather than the “cut and paste” approach taken by some so-called experts advertising online;
- Step Two – providing guidance, whether on a one-to-one or group training basis, about how to implement and use your new documentation to the best effect; and
- Step Three – providing ongoing advice after implementation – from how to deal with potential data breaches as they arise, to the impact of Brexit on your data transfers from the UK to the EU (and vice versa).
If you would like to discuss any of the above, please contact Euan McLaughlin. Euan is a partner in our Commercial Department.