Let’s be clear, the new General Data Protection Regulation was big news in early 2018. Threats of fines big enough to put your business, well, out of business were front and centre, and businesses everywhere were scrambling to become compliant ahead of the May deadline. Six months later – have we forgotten all about it?
Ineo Consulting worked closely with a large number of clients to assist them in making the necessary changes to their systems and data storage, contacting candidates and clients to confirm the data was up to date, that they could continue to store it, and setting up automatic updates to ensure all that hard work was maintained. Now is the time for a system review – is this working effectively? Is it working at all? Is it as automated as possible? Is it taking up too much of staff time to maintain?
If you carried out this work independently, now is also a great time to have one of the experienced members of the Ineo team come and review what you’ve done, to gain reassurance you have mitigated the risk of out of date data, storing data you don’t have permission to store, and to ensure maintaining it isn’t an onerous, time consuming and expensive exercise. Did you even get a chance to complete it before the deadline? Is it complete now?
I suppose the question here is, why should you care? Hasn’t all of this GDPR stuff calmed down? Can’t we now focus on what we need to focus on – business growth and profits? Well, unfortunately, the answer is no. Despite Brexit, despite everyone seeming to calm down, GDPR remains in the news on a regular basis. Now the deadline has passed, complaints are flooding into the Information Commissioner’s Office, and fines are being levied. And yes, they are eye-wateringly huge. Facebook and Equifax have each been hit with a £500,000 fine for serious breaches of data protection law. And let’s not forget how easy it is to have security breaches. Rochester Grammar School was forced to self-refer itself to the ICO after an unencrypted memory stick was lost.
The ICO takes its role very seriously, and the latest report from them shows that customers have no problem with reporting their concerns directly. It only takes one to create a full blown investigation into your business – taking up valuable time and resources. Give us a call or an email – we’d love to help.
And, as an aside – concerns have been raised about how to effectively recruit for data and analytics functions within businesses – now there is a niche market for you if you need one!