GDPR – Plan of attack

GDPR – Plan of attack

Finally, data protection and in particular the General Data Protection Regulation (GDPR) have hit the headlines.  Whilst most of the reports suggest this is a new piece of legislation or something that is to help position the post-Brexit UK within the European and global markets, this is not quite the case.  GDPR has been on the radar since May 2016 and we have been assisting a number of clients and organisations since that date.

Although the eye watering fines are always likely to attract the headlines, rather than shut the doors now, all businesses need to be taking some sensible steps in firstly identifying the gaps and risks within their current data protection procedures, then working out what remedial action is necessary.

This is not an IT issue.  This is not something that can be sorted by buying a policy off the shelf.  This needs buy in from the owners of the business and involves a very frank audit and review of the data being collected to understand and record.

  • why that data is being collected,
  • where the data is being stored,
  • who can access the data,
  • how long is the data being retained for and
  • what security measures are in place to protect that data.

Whilst only mandatory for those businesses with more than 250 employees, we recommend that all businesses should consider appointing a Data Protection Officer, which is someone who has overall control, not just for managing the journey towards compliance by 25 May 2018, but for staff updates, for staff training and for the ongoing annual audit.

Our Data Protection team is taken from our Corporate and Employment Departments and have been working in conjunction with a number of organisations and clients.  To help you with your first step, we have pulled together a questionnaire.  We would be happy to discuss with you the outcome of your questionnaire, so feel free to contact either Graham Millar gmillar@gilsongray.co.uk or John Kielski jkielski@gilsongray.co.uk within the Data Protection Team.

The information and opinions contained in this blog are for information only. They are not intended to constitute advice and should not be relied upon or considered as a replacement for advice. Before acting on any of the information contained in this blog, please seek specific advice from Gilson Gray.

 

Recent

Articles

GGFM FBU financial clarity
Unlocking Financial Clarity
April 25, 2024
Full article
NEW BLOG HEADER SIZE 2024 (1)
A focus on Wills - What happens when there is no Will?
April 24, 2024
Full article
Debt Recovery
The Housing (Scotland) Bill: Long-term private rented sector controls inbound
April 19, 2024
Full article
FBU 2 Employment header
Navigating Change in Family-Owned Businesses
April 18, 2024
Full article
FBU Event series 2
Family Businesses - Making the most of change
April 18, 2024
Full article
Findlay Anderson9A_17
Private equity investment for energy sector is picking up steam again
April 17, 2024
Full article

Newsletter 
Sign up to our News & Insights!

Sign Up