Our personal data is everywhere, and as business owners you are responsible for processing that data safely and securely.
A little under 2 years ago saw a mass panic with regards to the law changes and despite it not being talked about as much it has not gone away. You should still be following your obligations under GDPR, Data protection is not only a legal issue for businesses, it can be a make-or-break deciding factor for customers in whether to use your services at all.
On 26 April 2006 the Council of Europe decided to launch a Data Privacy Day to be celebrated each year on 28 January, Data Privacy Day is an international effort to raise awareness, empower individuals and business to respect privacy, safeguard data and enable trust. The date is significant. It commemorates the signing of Convention 108 on January 28, 1981, marking the first legally-binding international treaty concerning privacy and data protection.
What should you do if you are not already GDPR compliant?
Start now, immediately… get your data under control. Take a look at our GDPR Made Simple for Business Owners guide as astarting point.
Data Protection may no longer be a buzz word but enforcement action does continue. The ICO lists the enforcement action it has taken and so far this year a former social worker has been prosecuted and Britain’s biggest electrical retailer has also been fined £500,000 after their ‘point of sale’ computer sale was victim to a cyber-attack and affected at least 14 million people.
These two very different cases highlight that no one is safe from prosecution. It does not matter how small you are.
Last month a London-based pharmacy was fined £275,000 for leaving about 500,000 documents in unlocked containers, no data was compromised but the fine was for failing to ensure the security of such data. A local windows company was fined last year for cold calling individuals who are registered with the TPS and don’t think you can fail to respond to a subject-access request either. The ICO issued an enforcement notice to a finance company that did just that.
This is just a snippet of what could land you in deep water if you do not take your data protection seriously!
So today on data privacy day take some time to revisit what your data protection policy is.
- Are the processes still continuing in the work place?
- Maybe have a data spring clean? Do you really need the details of the 4 year old enquiry that never materialised?
Please contact us should you need any further guidance regarding data protection.