
GDPR one year on – are you staying compliant in 2019?


It was the new data regulation that had every company in the UK talking when it was first introduced a year ago this weekend. Contributor: Matthew Cole, Partner – Prettys.

The European Union’s General Data Protection Regulation (GDPR) saw a major overhaul of how businesses, regardless of size, handle personal data. Firms must evaluate how they collect, store and process personal data to protect a person’s privacy – and 12 months on, many are still finding the regulation a challenge.

Here are some top tips to help individuals and businesses keep their compliance on track:

1. Re-evaluate your current GDPR plan – When businesses first started putting together their GDPR procedures and policies, it was all a bit of a rush. Most people wouldn’t have been fully compliant even after putting these procedures in place, as there was so much to do.

Therefore, it is worthwhile to see what you have achieved and what still needs work. GDPR compliance is very much a continuous process, and now is a good time to look at how you can adapt it for future innovations.

2. Give all staff basic training – GDPR can be difficult to understand and organisations need to be proactive in training their staff to ensure they are up to speed with all the necessary information. When new staff members are joining a company, they should be given basic data management training and everyone should have some understanding of how their organisation uses data.

3. Know your data! – Organisations should understand what data they process, what they do with it and who they share it with. To do this they can conduct an audit. The hallmark of any audit is to understand what kind of personal data you’re using, where it comes from and where it goes. If you get these things right, you can’t go too far wrong.

Rather than looking at the procedures once a year to review the policies, there should be someone on hand whose responsibility it is to constantly look at ways to improve the way the business handles data and futureproof their GDPR compliance policies.

4. Sort out your IT systems – Companies should also make sure their IT systems are up-to-date and as secure as possible. They can use Cyber Essentials, a Government scheme that helps protect companies from all kinds of cyber-attacks.

5. Have clear policies in place to prevent security breaches – A breach in security is arguably the worst thing that can happen when it comes to data. In order to prevent this from happening it is important employees have an awareness of the policies within the company.

In the rare case that a former employee attempts to steal data, you need to be prepared. To prevent this from happening, there need to be clear guidelines in place, including a clear statement that all data is owned by the company.

Staff should also be prohibited from storing data on personal devices and sending it to personal email accounts.

You can get software which monitors whether staff have sent data to themselves. The most important thing is just to be vigilant and carry out regular checks. Do simple things like regularly change passwords, keep web systems up-to-date and make sure privacy policies are accessible and accurate. An organisation’s requests for data consent need to be explicit and must not rely on pre-ticked boxes, which many e-commerce companies still use.

6. Make sure you don’t become data confused – There can be confusion surrounding what data actually is. Often people think it isn’t data if it doesn’t contain a name or address. But data is actually anything that can help you identify an individual, so it is very wide ranging.

If you are unsure, the ICO website contains guidance on the exact definition of what data is (www.ico.org.uk). As technology develops and software such as facial recognition becomes more common, there will undoubtedly be more questions surrounding data in the future.
