Is GDPR still a concern for your business? Here’s how to make sure you’re meeting all the requirements

It’s been twelve months since the introduction of GDPR – the game-changing new data privacy legislation. However, research shows that many organisations are still struggling to meet the necessary requirements. Surveys published to coincide with the first anniversary of GDPR on 25th May show that a significant number of businesses are in breach of the legislation.

So what do these findings tell us, and what can you do to make sure your business meets all the necessary requirements?

 

Findings show just how much businesses are struggling with GDPR

Research by Crown Records Management found that more than 75% of organisations could be struggling with GDPR compliance. The results showed that only 23% of businesses felt their compliance capabilities around GDPR were “very good”.

What’s more, only 20% of the data professionals surveyed felt their data collection processes were compliant with GDPR, which leaves many businesses at risk of fines. 46% of respondents said their organisation’s data storage methods needed improving, while 44% admitted substandard data retrieval processes and 43% expressed concern about their data storage and protection.

Another study, this time by CybSafe, revealed similar findings. 56% of respondents admitted that their business had failed to request consent to store sensitive data, while 16% said they had knowingly ignored access requests.

CybSafe concluded that “the majority of UK businesses are in breach of GDPR rules and few have changed their corporate policies as a result of the legislation.”

A Twitter poll by Infosecurity Europe 2019 also found that businesses are struggling with the new legislation. 68% of respondents believe that organisations have not taken GDPR seriously and are still not compliant. 47% also said that GDPR regulators are too relaxed about enforcing standards.

Similarly, Shred-it carried out a survey of 1,400 UK SMEs and found that, while there is a general “positive understanding and engagement with the principles of GDPR”, 60% of respondents stated that the changes to data protection laws have had a “slight” or “no” impact on how their business operates. Less than a third of businesses (32%) stated that GDPR has had a “great” or “considerable” impact on their organisation.

 

5 steps to GDPR compliance

While ensuring that your business complies with GDPR legislation may seem overwhelming, there are ways to make compliance much more manageable. Here are 5 steps to help you through the process.

ACCESS: Gaining access to all your data sources is the first key step towards GDPR compliance. You must access what personal data is being stored across your business, no matter what the technology used was. Offering clear access to all data sources is a prerequisite for establishing any potential risks to privacy exposure. You can’t rely on common knowledge for this, you need to prove what data is being stored and where it is.

IDENTIFY: Once you’ve found all your data sources, you need to do a thorough examination of what data is being held in them. You’ll then need to extract, categorize and catalogue any data held such as names, email addresses and National Insurance numbers. Pattern recognition, data quality rules and standardisation are key to this process.

GOVERN: You’ll need to get a clear understanding of what personal data means and share this definition across your business. Privacy rules must be documented and shared across all lines of your organisation, and this helps to ensure that personal data can only be accessed by those with the proper rights.

PROTECT: Once you have established a personal data inventory and governance model, you’ll need to set up protection for the data. This can be done using three techniques: encryption, pseudonymization and anonymization. Delete any data which isn’t critical to your business and find the appropriate method for protecting the rest.

AUDIT: The final stage in your journey to GDPR compliance is auditing. You’ll need to produce reports which clearly reveal to regulators that: you know what personal data you have and where it is located; you properly gain consent from individuals involved; you can prove how data is used, who uses it and for what purpose; you can manage factors like the right to be forgotten and data breach notifications.

 

Need help getting your business off the ground? TEDCO is here to give you all the support you need. Get in touch with our team today by calling 0191 516 61 02 or email us at hello@tedco.org.

What we offer

TEDCO offers one-on-one support provided by a dedicated team of business advisors and a range of pre start seminars available to clients who are taking the first steps into self-employment. This could be looking at an initial idea and developing it further, looking at how to start a business plan, business competitors, business marketing.

Are you eligible?

If you are looking to start and grow a business we’d love to hear from you. Our friendly team of experienced Business Advisors are on hand to take your call to discuss the support available.

Latest News

4 ways to promote growth in your start up

4 ways to promote growth in your start up

Don’t get stuck in a rut when it comes to your small business Starting a business is a big challenge, but running it is arguably an even bigger one. You might think that the hardest work is behind you once you’ve got your business off the ground, but it actually takes...

read more
Virgin StartUp Commits to 50/50 Pledge

Virgin StartUp Commits to 50/50 Pledge

Virgin StartUp will help thousands more women to start their own businesses and to thrive with its 50/50 funding pledge. For every ten new businesses founded by men, there are currently fewer than five started by women. Virgin StartUp will level the playing field by...

read more

Latest News

4 ways to promote growth in your start up

4 ways to promote growth in your start up

Don’t get stuck in a rut when it comes to your small business Starting a business is a big challenge, but running it is arguably an even bigger one. You might think that the hardest work is behind you once you’ve got your business off the ground, but it actually takes...

read more
Virgin StartUp Commits to 50/50 Pledge

Virgin StartUp Commits to 50/50 Pledge

Virgin StartUp will help thousands more women to start their own businesses and to thrive with its 50/50 funding pledge. For every ten new businesses founded by men, there are currently fewer than five started by women. Virgin StartUp will level the playing field by...

read more

©2018 TEDCO Business Support Ltd. All Rights Reserved. View our privacy policy Company Number: 08568533 | TEDCO Business Support Ltd | VAT No. 169 8629 44 GB. North East Business and Innovation Centre (BIC) Wearfield, Enterprise Park East, Sunderland, SR5 2TA, United Kingdom.