The biggest change in data protection in a generation has officially begun.
On the 25th May 2018, the General Data Protection Regulation was enforced, and businesses across the EU are now subject to stringent regulations which carry dire consequences.
These new regulations force businesses to collect, use, store, transfer, sell and destroy their personal data and manage that data in a controlled and less risky way in order to protect other people’s personal data more effectively
It is vital that businesses understand the impact the new regulations will have upon their business and the consequences of not being compliant.
Sampson Hall have the expertise and a comprehensible implementation tool which will help organisations approach these regulations with confidence whilst ensuring they are getting the most out of the personal data they hold.
The regulations focus on protecting everyone’s personal data and if businesses do not comply with the regulations and they have a data breach or they are reported to the Information Commissioners Office for a breach of the regulations they may be liable to fines of up to 4% of global turnover or up to 20 million euros, whichever is greater.
Data subjects have more rights than the Data Protection Act 1998 and amongst other things they can request to access their data, rectify it, erase it and withdraw their consent for the use of it.
Your business must be able to demonstrate that you have lawful bases to process personal data and you must understand the differences in categories of data.
Sampson Hall work with organisations to design the most appropriate package to suit the needs of the business. The work we offer includes:
Governance and Leadership
Bespoke and templated planning to create a Data Management System and achieve GDPR compliance. The process will involve:
Compliance and Continuity
The maintenance and continued involvement of the board in the process.
Contact us to chat about your businesses requirements and how we can best help you work towards compliance.