General Data Protection Regulation

Are You Compliant? We Can Help You

As of 25th May 2018, the new General Data Protection Regulation (GDPR) became enforceable within the UK. Yet, there are still companies and individuals who are still confused as to what is required by the GDPR.

What is GDPR?

The GDPR brings greater accountability and transparency in how organisations store and utilise personal data.
Non-compliance to the GDPR could potentially result in heavy fines of 20 MILLION EUROS or 4% of annual turnover (whichever is the greater).

Non-compliance will bring a loss of morale, loss of confidence, potential loss of business, loss of reputation and potential financial penalties from contractual implications.

Key points for companies to note:

1. Understanding the consent and legitimate interest rules to hold employees’ and customer personal data.
2. Show data protection compliance.
3. Build data protection into your day to day processes and recording.
4. Communicate to employees and customers their rights under the GDPR in relation to the processing of their Personal Data.
5. Respond quickly to subject access requests.
6. Ensure suppliers and sub-contractors that process data, are compliant with GDPR.
7. How to react to and report Data Breaches.

Shaw Integrated Management Systems will help you:

For an affordable monthly fee, tailored to your requirements:

1. Help you to comply to the GDPR by including within your Business processes and procedures how you store and utilise data.
2. Implement processes by which you appoint relevant personnel who are competent in the legal aspects of processing data under GDPR.
3. Implement the review and auditing processes required in an Information Security Management System, ensuring that you are maintaining and improving compliance.
4. Identify areas for improvement, including the engagement of Cyber Security assessment organisations.
5. Maintain your compliance to the requirements of the GDPR.
6. Offer our services as outsourced Data Protection Officer (DPO).