Proactive steps need to be taken now to ensure that your business is ready to meet the challenges of GDPR. For example: –
- New consents to hold individuals’ personal data may be required;
- Training of your staff will be a key task, both in terms of making them aware of their key responsibilities and also allowing them to identify potential breach situations;
Whilst there is no doubt that GDPR will have a significant impact upon custom and practice, it is also clear, in many respects, that a number of the requirements of GDPR are familiar concepts from the Data Protection Act 1998. Therefore, the potential impact upon business is perhaps not quite as fundamental as is being portrayed. All businesses have the time to review the personal data they currently hold, and their current policies and procedures, and make the necessary changes to ensure that they are ready for GDPR.