With the deadline for GDPR fast approaching you still have time to get your business ready and this checklist may help you do just that.
Your current business data
Your business will undoubtably hold data already and the questions to ask is do you know what this data is, i.e. name, address, job title, contact details? Where it came from, i.e. sign up forms, events etc. Why you have this data i.e. marketing, admin? and finally do you share this data with anyone or any other company. This is whats called a data audit and if you’ve not done on then you need to.
Is everyone in the business on board?
The implementation of GDP effects everyone in your business, so everyone needs to be aware of it and what the implications are. This is likely to mean changes are required but how will you know if you don’t bring your employees on board. We are all in some way data collectors so we all need to be a ware of our responsibilities when we collect data from anyone.
What information do you need?
Even business will need a privacy policy that covers what you do with data you collect and a key question to ask in this is what information you need and why you need it, it may well be you need a post code for possible deliveries or a phone number – please don’t ask for information you do not need.
Consent
For the data you hold and plan to use do you have permission to use this data, this will include things like how you got consent and did this include consent to use in the way you wish to do so. Also if you got consent through a simple form that the owner must be able to withdraw consent in a similar way, certainly it should be an easy process and no more difficult than how it was gained in the first place.
Unauthorised Loss of Data
Every business will need a procedure in place that covers the potential loss of data you hold, so you need to make yourself aware of what you need to do and what timescales are in place to fulfill this requirement. It is worth mentioning that the penalties can be unlimited by the Information Commissioners Office if you have a loss of data and you do not have a plan for managing this.
Getting your business facing these challenges and have them working for you shouldn’t be an afterthought – the businesses that succeed will be the ones that have a clear plan in place. If you need help in ensuring your business has the right tone of voice then please call us on 01392 241653 or contact us through the website here for a no obligation conversation.
Also if you need help with a GDPR documentation we can recommend Herbert Ball LLP and you can visit their website here.