What law is going to catch you with your pants down? (or why you NOW need to understand GDPR as an EU business)


You may have heard the term GDPR (General Data Protection Regulation); if not, you certainly will. As we approach May 25th 2018, when this becomes law, the noise around it will grow.

Don’t stop reading now because the acronym seems boring and not relevant to you; it is and it is!

What’s happening is that a new law will come into play across Europe, the UK included; Brexit or no Brexit, it will apply!

This is not another year 2000 hype where there was no impact or pain. The impact is already happening and the pain is going to get greater!

If you’re not sure what the GDPR is or how it will affect your business, now’s the time to start paying attention. This is all about companies’ legal liability to protect the data they hold on staff, customers and in fact anyone whose personal details are stored, and the impact (fines, £) that is going to ensue if you don’t!

So this encompasses cloud, on-premise, IoT and mobile: no matter where you store data, if it meets the criteria of personally identifiable and relevant information then you need to comply. Ignorance will not be an excuse and in fact will put you in a far worse position. It is better to be able to demonstrate your diligence of action and how you have tried to mitigate any risk as a defence. It is good practice to be able to demonstrate that you have attended training, acted on the process recommended from it and tried to do the right thing; you then have a far better chance of being treated leniently and worked with rather than against should the worst happen.

There is a wealth of information and articles on GDPR available. Unfortunately, most of them quickly defer to complex, detailed information and do NOT give clear and plain guidance as to what it means and what needs to be done, hence stats such as “96% of businesses do not fully understand GDPR” (Source: Symantec 2016).

So let’s make this clear and simple in 3 buckets: why it is, what it is and what you need to do.

Data is important and you have a legal responsibility to do certain things

Data breaches hit an all-time record high in 2016, with an increase of 40% over 2015!

You may have already heard about some of the high-profile names who had such breaches in the last few years, such as Three Mobile (UK), French naval defence contractor DCNS, Vodafone (Germany), Tesco Bank (UK), the Bundestag (Germany), the Czech Ministry of Education, the Irish Department of Social and Family Affairs and Kiddicare (UK). We could go on, and there will be more of these stories coming for sure!

Data Protection Laws are long overdue an overhaul. For example, most Data Protection Acts have not been revisited since the late 90s at best, and since then the world has changed radically, with the internet, cloud and mobile changing the volume of interactions and data exchanges taking place.

What GDPR is

GDPR is the new law that, from May 2018, requires any business that operates in the EU or handles the personal data of people who reside in the EU to implement a strong data protection policy to protect this client data. It is the EU’s way of giving customers more power over their data and less power to the organisations that collect and use such data for monetary gain. Businesses that fail to meet the new standard will face fines of up to 4% of global turnover or €20m (whichever is larger), and businesses that suffer from a data breach without having adequate measures in place will suffer the same.

So this is a law: something mandatory you need to take action on as a Director of a firm with Director liabilities, and something that your customers care about. See this not as a threat but as an opportunity to get your ship in shape and proudly state to customers that you have been on GDPR training and are taking action with processes to be a good, caring supplier. Consider putting a “GDPR and how we care for your data” section on your website, alongside “contact us” and “about us”.

What Action you need to take… (and Don’t Panic)

You need to be prepared as a business to take action now and to mitigate the risks you face.

Do not assume you are immune from a security leak of data and that you can deal with it afterwards! By taking action now you can help reduce the risk of it happening, and taking demonstrable action will provide you with a defensive protection should the worst happen.

The May 2018 deadline may seem a long way off at the moment, but businesses must act today in order to understand what it will take for them to achieve compliance, and to have time to do it without panic while fitting it in alongside the day-to-day running of the business.

You need to get the ball rolling and have a plan of action for your journey to GDPR, so that come 2018 you have no panic, no worries and can assure your customers of your compliance.

There is much talk, for example, that every organization will need to appoint a Data Protection Officer and that failure to do so will expose you to possible huge financial sanctions. In some cases this may be required. You need to understand this now, along with the plan you can take to ensure you are compliant in the most effective manner for your business.

The last Information Commissioner’s Office survey found that 75% of adults in the UK don’t trust businesses with their personal data. So as well as being legally compliant, you can also utilise this in a positive way to assure your clients in dealing with you.

You will find many offering 3-day courses and/or complex, expensive consultancy, and whilst for some this may be appropriate, for most, allocating someone in your business to own the process as a special project and sending them on a day’s awareness and process training workshop now will get you on the way, with plenty of time to work it out well for your business.

If you wish to know more and find out what sort of training options are available and their costs, check out gdpr.direct


Ian Moyse

An energetic leader and senior executive in the Cloud Solutions industry. I have been passionate about computing since I was 14, falling into sales at age 20. I embrace sales as a skilled profession & still love learning new things, am competitive and enjoy exceeding customer expectations. ✔ Proven expertise in cloud & software sales and marketing with a successful track record of rapidly scaling sales, creating & managing high performing sales teams & opening new markets. ✔ Proven management and building of enthusiastic and committed teams. ✔ Experience of a wide range of sales disciplines through building and leading direct, indirect & inside sales teams across multiple geographies UK, EMEA, USA ✔ Deep knowledge of channel based sales approaches, having created powerful tier 1, tier 2, OEM & Alliances revenue generating partner eco-systems on multiple occasions. ✔ Experienced in selling Cloud, Security & CRM to both channels & end user clients, from small to mid-market through to Enterprise. ✔ Have led small start-up teams in small organisations through to pan EMEA large sales teams in global vendors. Specialities: Leading rapid growth in technology companies. Sales & marketing leadership. Building & retaining ‘A’ player teams. Leading by example, removing sales obstacles & mentoring sales teams. Opening new geographic markets & creating revenue from new product lines. Identifying & recruiting appropriate channels to aid market growth. Recognition: ✔ Sales Director of the Year 2015 (Institute of Sales & Marketing Awarded). ✔ Sit on the board Eurocloud UK & Governance Board of Cloud Industry Forum (CIF). ✔ 2014 Ranked 9th w/wide in top 50 most influential people in Sales Lead Management (SLMA) ✔ Klout Social Score 78 ✔ TalkinCloud global top 200 cloud channel experts 2011 ✔ Listed on MSPMentor Worldwide top 250 list for 2011 & 2014 ✔ Listed in top 25 of the w/wide SMB Nation 150 Channel Influencers list 2012 & 2013 https://about.me/imoyse
