Looking for help with your GDPR readiness preparations?

We have a whole host of training, support and solutions options for GDPR & Cyber Security available for all sizes of business. From sole trader, micro business, SME, education, public sector, retail, leisure, up to multi national organisations. No matter what your size or budget we have options available for all.

We work with an extensive range of specialist partners and services in order to find the right fit solution for our clients needs. The website only scratches the surface. Please ask for details

In light of the recent Facebook & Cambridge Analytica scandal, it’s no surprise that people across the board are now talking about data privacy a whole lot more than they were when GDPR was initially announced.

When we set out on our own GDPR journey we realised how much work was involved from evaluating and implementing changes in how we work in our own business. These things take time and planning and cannot be done overnight. That said please don’t think that it is all doom and gloom, these changes are coming to help protect everyones data, including yours. Rather than worrying about GDPR we should be embracing it. Change the way you work, think before you do. Soon enough the changes you make will become second nature.

Admitting you need to get a plan together and have areas that need attention is the first step. Actually implementing the plan is the next. Time is ticking, but you do have time to make the changes, the important bit os actually having a plan and starting to think privacy. You are not alone, help is available if you need it.

There are some historic changes happening around data privacy and data protection right now. It could mean that the databases you have and information you have of your customers is useless and actually going to be useless or even illegal. In April 2016 everyone was given 2 full years to prepare, but many businesses have not even started to do anything about it. We were actually given 2 years because making the changes required takes a lot of time, planning and resource allocating. This is not a quick job. Alarmingly not that many have even heard about GDPR. What is GDPR you say?

On 25th May 2018 the GDPR (General Data Protection Regulation) replaced the outdated 1998 Data Protection Act. https://ico.org.uk/for-organisations/data-protection-reform/. An act that was put in place before we all had social media accounts, or smart devices, or for a lot of people even email. So what? Will GDPR effect me? The answer is most probably YES!

The Drum
Even before the 2 year countdown started ticking, The Drum Magazine put out a video that warned digital design and marketing businesses, that there did not seem to be much awareness of the changes. That it should he high on the entire businesses agenda to make good use of the 2 year lead in as it was no easy task ahead.

Even if marketing is not directly your game, if you are in manufacturing, recruitment, health, transport.., ANY type of business, there are plenty of case studies to demonstrate action already being taken.

We have all heard about MP’s leaving laptops on trains, DVD’s with sensitive data going missing in the post, phones being left in taxis – what if this happened to you or one of your colleagues? Are your devices even encrypted? What if a device that you use for work was stolen out of your car, or if you were burgled at home and your laptop went walkies. Could your business continue trading if you were fined tens or hundreds of thousands of pounds? How about millions? A scary thought?

How many people do you know personally who have lost a phone on a night out? Smart phones provide access to lots of personal information, even customer information perhaps, especially if you use your devices for work, have work email setup, Google Drive or Dropbox installed.  If the unthinkable were to happen, I am guessing it wouldn’t be that bad because you all have 2 factor authentication set up on your tech right? No?

Cyber crime
Hi tech crime is on the up. Phishing scams and CEO fraud are putting businesses at risk on a daily basis. If it’s not ransomware threatening to lock and delete your data unless you pay up (see NHS Cyber Attack), then it could be keys logging software sat quietly in your browser. Often you don’t even notice but it can be learning your how you talk to your staff and customers, it can send correspondence to your suppliers asking for payment to a bank account that is not yours, even record logins to your bank so that it can empty your account. Information Security is only a small part of GDPR readiness. Are you even up to speed on that?

Pre 25th May 2018, data loss, breaches, improper / unauthorised use of personal data, including marketing to people without evidence of opt in permission, could result in fines of up to £500,000 by the Information Commissioners Office. Move forward past 25th May 2018 and the potential penalties increase up to £17M/€20M or 4% of GLOBAL turnover (whichever is greater).

It won’t happen to me
If you think “well surely this won’t effect my business” it might be time to think again. We have spoken to people who have said “we will just wait until after 25th May 2018 and see what happens”. That could be a very dangerous move indeed.  The ICO have been taking action and issuing fines for years. Not just for breaches, but also to businesses who are contacting customer bases without the proper consent. Flybe and Honda were both fined for emailing customers to confirm that they had given consent to receiving communications. The Register – Flybe & Honda Fines article.

Search by sector
To help drive this home and see how business in your sector have already been affected, you can select organisation types and see what sort of action is being taken before the GDPR even comes into effect.

All action, health, marketing, general business, local government, charity & voluntary, finance insurance & credit , online tech & telecoms, criminal justice, land or property services, transport & leisure, education & childcaremedia, retail & manufacture, legal, central government, membership association,political, regulators