If you aren’t already aware, there is one very important date for this year which needs to be on your business radar: 25th May 2018. This is the date that the new General Data Protection Regulation (GDPR) comes into force.
I have 2 simple questions for you:
- Do you have customers, clients or suppliers located in the EU?
- Do you have staff or visitors in your business located in the EU?
If you answered yes to one or both of these questions (which I’m sure you did) then it is extremely likely that you need to comply with the GDPR. From the largest multinational down to a local shop or the smallest of sports clubs anywhere in the world, it affects them all. The smaller organisations are the ones that could be at greatest risk as they don’t tend to have the resources available to prepare for the GDPR.
If you don’t know what the GDPR is, then in a nutshell:
- The GDPR is a coherent and thorough personal data privacy law across all EU member states.
- The GDPR aims to prevent security breaches and loss of personal data by organisations that hold or process PII (Personally Identifiable Information).
- It affects any organisation that offers goods or services (even free ones) to, or monitors the behaviour of, living EU citizens and residents.
- It is more prescriptive than the Data Protection Directive 95/46/EC, which it replaces. (In the UK it enhances the UK Data Protection Act).
- Penalties for breaking the regulations can be financially extreme and significantly detrimental to your business brand.
There are already many “experts” out there offering off-the-shelf GDPR compliance packages promising to make your company compliant. These are highly questionable “experts” because, when it comes to GDPR compliance, one size definitely does not fit all.
Every organisation is different (yours included); they operate in different ways and have different requirements and challenges in relation to GDPR.
Thinking that a quick tick list of things to do will get you GDPR ready for 25th May 2018, and that afterwards you can forget about it, is a very risky strategy indeed. Please think again!
In the UK, the Information Commissioner’s Office sums up the importance of understanding GDPR compliance readiness really well:
GDPR compliance will be an ongoing journey
Unlike planning for the Y2K deadline, GDPR preparation doesn’t end on 25 May 2018 – it requires ongoing effort.
It’s an evolutionary process for organisations – 25 May is the date the legislation takes effect but no business stands still. You will be expected to continue to identify and address emerging privacy and security risks in the weeks, months and years beyond May 2018.
Here at BMGUK Consultancy Ltd I am now offering a new high level GDPR Data Audit service to organisations of all sizes.
Each audit is tailored to the type and requirements of your organisation and is carried out by a certified EU GDPR Practitioner.
I will visit your business (ideally your head office), work with you for a minimum of one day and carry out a high quality, high level information audit. Depending on the size and type of your organisation, further days may be required to ensure you get the best possible result.
From the audit, a high level tailored report will be produced that will help you plan a project, one that fits your business needs and strategy, to start your organisation on its road to GDPR compliance.
The tailored report will be yours to do with as you see fit. Included within the report will be 3 summarised options to help you decide your most suitable way forward:
- Manage your GDPR compliance project internally, using the report as your starting point.
- Manage your GDPR compliance project internally and purchase consultancy days from BMGUK Consultancy Ltd to advise you as you go.
- Engage BMGUK Consultancy Ltd to manage and deliver your GDPR compliance project with you.
The price for this GDPR Data Audit service starts at £550 per day, which at the time of writing is the most cost-effective audit available in the UK. (It is certainly far less than what some of the scaremongering “experts” are charging for a far inferior product).
Click here now to request an audit. I will then get back to you to discuss your requirements further and arrange a date for your audit.
At BMGUK Consultancy Ltd you can rest assured that your consultancy requirements are in great hands. I have over 20 years’ experience in IT Security, Compliance, Data Protection and Project Management. This experience is extensive and has been gained across many industry sectors including Defence, Retail, FMCG, Construction, Transport & Logistics, Warehousing, Electro Technical and Private Healthcare.
Take a few moments to have a look around the website and you will see the services BMGUK Consultancy Ltd provides and I am sure you will become reassured of the capabilities I possess.