GDPR can be difficult to wrap your head around. A room full of nervous business people. The threat of fines and David Wood, IT Director of FDR law, a calm head in a sea of confusion.
The latest event at The Base provided insights on the GDPR (General Data Protection Regulation).
Most significantly, we learned the actions needed by May 2018 and the challenge of “Why haven’t we started already?” emphasized by David.
Those that attended benefited from David’s knowledge as well as advice. And, in addition to sharing his slide deck, David even offered a forum to ask GDPR questions after the event.
The new regulation places responsibility on the data controller for data management. Businesses will no longer be able to sidestep accountability by ‘passing the buck’ to outsourced data processors.
In fact, the arrangements you have with third parties need to comply with the GDPR too. And clients and partners, as David pointed out, will soon be asking the same of us.
Businesses must therefore ensure that their policies and procedures are documented to support the rights of the individual whilst also legitimising their own data usage – be that for day to day commercial expediency, legal obligations or providing for that individual’s best interests (which can include providing a better service).
The need to record the how, what, where and who of data you hold and policies to protect Personal Identifiable Information (PII) was David’s strongest recommendation.
This will ensure you have a response ready, within 72 hours, if you should fail any criteria (e.g. if you’re breached); meaning the potential fine from the ICO could be mitigated.
To that end, David pointed the audience to a number of resources and examples from the BBC’s Information and Privacy statements (as Plain English best practice) to guidance on cybersecurity from the NCSC.
Beyond the depth and detail of the seminar, David’s directions for practical action extended the very real and pragmatic approach he gave to his presentation.
If you’d like to attend an event as valuable as this one was, please register with the BaseConnect community.
Want to know more about The Base?
The Base is a Grade-A office and co-working space in the centre of Warrington that’s home to many market leading digital technology and advanced engineering companies. Whilst calling The Base your home, you will have access to free business support, including marketing, tax, legal advice, as well as help with innovation, research and development.
Contact us for more information.