The EU General Data Protection Regulation (GDPR) and new Data Protection Act
The EU’s General Data Protection Regulation (GDPR) was enforced on 25 May 2018 and sits alongside the new Data Protection Act 2018 in the UK. The new laws finally bring data protection into the 21st Century and reflect the rights of individuals to control how their personal information is collected and processed in the digital age. It places a range of new obligations on organisations to be more accountable for data protection.
Compliance is an obligation not a choice
GDPR compliance is not achieved via a new system or by ticking some boxes; the Regulation demands a new principle of accountability, which means that organisations must be able to demonstrate their compliance with the data protection principles. This involves nurturing an organisational wide culture that respects data privacy and security. The appropriate compliance framework will ensure that an organisation avoids significant fines and reputational damage but there are also business benefits that directly result from this culture:
- Build brand image and improve competitive advantage
- Build customer trust and protect reputation
- Protect information security and improve data governance
We understand that you want to concentrate on your business and may see GDPR as a hindrance and a barrier to sales and marketing. We can help you to:
- Understand how your CRM environment will be affected by the new data protection laws and what you may need to do to reconfigure it to support your journey to compliance.
- Provide tools to help you to map your data processes and record the flows of information that involve personal data. Find out more about our data mapping product Flowz here
- Provide training and support for your staff including our GDPR awareness and training workshop.
If you are operating in a complex data processing environment and don’t have the time or expertise to manage your own GDPR readiness project we can help you: