June 21, 2018
Will GDPR trip your organisation up?

The direct hazards of non-compliance with GDPR

It might seem like things have gone quiet on the General Data Protection Regulation (GDPR) front since 25th May 2018 but don’t be fooled – there are many hazards of non-compliance with GDPR out there just waiting to trip you up.

In the last few weeks we have heard almost daily reports of organisations from the Police to retailers and service providers being fined for non-compliance with data protection legislation. We look at three hazards of the GDPR legislation which could trip you up:

  • Subject requests
    A subject request could come in at any time following the introduction of the GDPR and from any direction. An employee could ask for a copy of all the personal data you hold on them – and remember this could include all images you have of them as well as documents and records. A former customer could ask you to delete all personal data you have collected on them. A supplier could ask you to correct the misspelling of their surname. Would you be able to confidently deal with and respond to the request within the 30 day period required by the GDPR?
  • Data breaches
    A data breach can be as simple as emailing the wrong person, leaving a document on the train or losing a phone, or more complex, like falling for a phishing email or being subject to hacking. Do your employees know how to spot a data breach and what to do if there is one? With only 72 hours to report a serious breach to the regulator, the Information Commissioner's Office (ICO), you need to be confident that your staff have been trained to spot and react to a breach, and that you have the right systems in place to deal with breaches promptly.
  • Complaints to the ICO
    All it takes is for one disgruntled former employee or customer, or even a neighbour or competitor, to raise questions about your compliance and complain to the regulator. It doesn’t take five minutes for anyone to check whether you have a GDPR-compliant privacy notice on your website or whether you have paid your data controller fee to the ICO. But even if you have those outward-facing steps in place, would your approach to GDPR compliance withstand a probe by the regulator?
Despite what you would think from the scaremongering bandied around pre 25th May, the ICO isn’t aggressively scouring the UK to find organisations that aren’t GDPR compliant in order to fine them the maximum penalty of 4% of their annual global turnover. At the same time, if your organisation is flagged to them, the likelihood and severity of a fine will be dependent, in part, on your ability to demonstrate the steps you have taken to be GDPR compliant. Could your business survive the financial and reputational impacts of a data breach or compliance failure?

To ensure you have the right systems, procedures, policies and training in place, subscribe to the secure online Astrid platform today. Receive all the tools and guidance you need to become and remain compliant, and the evidence you need to demonstrate that compliance.


Protect your business - become and remain GDPR compliant with Astrid

 
Nicki Chennells

Astrid Data Protection Ltd.

24 John Clare Close
Brackley
Northamptonshire
NN13 5GG

Company number: 11166227 - ICO registration: ZA310233 - © 2018 Astrid Data Protection Ltd.