Our Resolve. Your Resolution.

News and Events

GDPR: Marks for showing your 'workings out'

View profile for Matt Rowley
  • Posted
  • Author
GDPR: Marks for showing your workings out

GDPR comes into force on 25 May 2018 and will impact on every organisation to some extent. Everyone has some work to do!  How much will depend on how compliant you are now with the existing requirements of the Data Protection Act 1998 and how much personal data you hold, the types of data you hold and what you do with it. But if you’re not going to be able to meet the deadline, it is important to be able to demonstrate that you’re taking it seriously and doing your best.

If you’re already pretty organised and responsible when it comes to the management of people’s data and privacy then it may be that you only have some basic documentation to put in place or to update in order to reflect the new regime and to be able to ‘demonstrate compliance’.

If you have never thought properly about the data that you hold, where it comes from, how secure you keep it or what you do with it, you have a long journey ahead. The world of data protection is changing and attitudes will need to change with it. While the €20m fining power available to the Information Commissioner is realistically unlikely to be applicable to many small to medium size businesses, the fact is that the Office of the Information Commissioner is taking a more pro-active and determined approach to enforcement. But that approach is risk based and acknowledges effort! Demonstrating that you are taking data management seriously and that you are working towards compliance will get you a lot of credit with the ICO, even if you haven’t got it quite right yet.

So… don’t panic! If you don’t know enough/anything about GDPR and feel like you’re lagging behind, bite the bullet and dive into the vast amount of guidance online at www.ico.org.uk; work through the checklists; go to some training; take some advice; and make a note of every effort that you make in order to show that you are taking it seriously. Develop a plan or a road map of how you’re going to achieve compliance in the end and, crucially, document it and update it. Showing your ‘workings out’ will count for a lot of marks even if you don’t get the final answer quite right. Getting a 10 out of 10 for effort will go some way to demonstrating to the ICO that you won’t always be behind the rest of the class.

Our articles are intended for general information purposes only and are not a substitute for professional advice tailored to your specific circumstances. We are always very happy to discuss any plans, issues or concerns you may have and to clarify how we might be able to help. We cannot accept responsibility for any loss as a result of acts or omissions taken in respect of this article.