Answer these questions:
Do you hold the personal details of human beings?
Do they know that you have them?
If the answer is yes, then it had better be yes to the next few:
What is the legal basis you are using to process this personal data you hold on the individual?
Do you have consent from the individual to process their personal data?
Do you have policies and procedures that show how you will comply with the GDPR?
Do you have the ability to respond to Data Subject access requests?
Does your business have the capability of noticing that you have been breached and can you state the nature and extent of the breach?
Can you notify the Information Commissioner's Office (ICO) within 72 hours about a breach, what it was, who it impacted and what remedial action has been taken?
Can you identify the “personal data” that has been compromised?
Article 4 of the GDPR
‘personal data’ means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person
Have you carried out the Data Protection Impact Assessments?
Are ALL of your staff fully aware of their obligations, regularly updated and trained in their responsibilities and wary of potential threats?
If your answers are affirmative, well done! Your business is like 4 in 10 businesses in the UK (source: Institute of Directors).
Unfortunately, that leaves approximately 3.2 million SMEs exposed to risk and, more importantly, the rights of natural persons and the data that is held for them are at risk.
What types of risk? See what the ICO says: Data-Security-trends.pdf
Need some assistance moving forward? We can act as your data protection officer and assist with the implementation of policies and procedures to help get you on the road to compliance.