Since the introduction of GDPR, the Information Commissioner’s Office has seen its busiest period ever with a 300% increase in calls to its helpline and a huge rise in the number of personal data breaches being reported.
RGDP’s own evidence supports these facts with our customers seeing considerable increases in data subject rights requests and personal data breach notifications. With the risk of potentially significant fines and reputational damage for non-compliance, now is the time for positive action and so here are RGDP’s Ten Top Tips for GDPR compliance:
- Understand your data protection responsibilities and appoint a Data Protection Officer (DPO) or Data Protection lead.
- Conduct an audit of your personal data; make sure you know what personal data you hold, why you hold it and where you store it.
- Establish the appropriate legal basis for processing each category of personal data you hold.
- Ensure your privacy notices and cookies policies are GDPR compliant.
- Get appropriate data protection policies in place; ensure your staff understand them and know where to find them.
- Understand your data controller / processor / data sharing relationships and actively monitor third parties.
- Produce and maintain a Record of Processing.
- Ensure the security of the personal data you process.
- Understand the rules for direct marketing and transfers of personal data to third countries or international organisations, if relevant to your business.
- Embed the culture of privacy by design into your organisation and train your staff.
At RGDP, we provide a flexible, high-quality and cost-effective GDPR solution by supplying DPO services to organisations choosing to outsource their data protection requirements. We can be your DPO, we can conduct a GDPR ‘health-check’ and assist with compliance, or we can simply be on call to help when breaches or other incidents occur. Our experienced DPOs are bang up to date with the latest regulatory requirements and best practice solutions; they can come to you or provide advice remotely, whenever required.
The reality is that GDPR isn’t going away, even after Brexit. With the ever-present risk of fines and reputational damage, seeking out expert support that enables you to concentrate on your core business, safe in the knowledge that RGDP will help you meet your data protection responsibilities, is a prudent course of action to take.
Mark Chynoweth is the General Manager of RGDP and can be contacted at:
- t: 0131 222 3239 / 07741 738842
- e: Mark@rgdp.co.uk