Is GDPR still a concern for your business? Here’s how to make sure you’re meeting all the requirements

It’s been twelve months since the introduction of GDPR – the game-changing new data privacy legislation. However, research shows that many organisations are still struggling to meet the necessary requirements. Surveys published to coincide with the first anniversary of GDPR on 25th May show that a significant number of businesses are in breach of the legislation.

So what do these findings tell us, and what can you do to make sure your business meets all the necessary requirements?

 

Findings show just how much businesses are struggling with GDPR

Research by Crown Records Management found that more than 75% of organisations could be struggling with GDPR compliance. The results showed that only 23% of businesses felt their compliance capabilities around GDPR were “very good”.

What’s more, only 20% of the data professionals surveyed felt their data collection processes were compliant with GDPR, which leaves many businesses at risk of fines. 46% of respondents said their organisation’s data storage methods needed improving, while 44% admitted substandard data retrieval processes and 43% expressed concern about their data storage and protection.

Another study, this time by CybSafe, revealed similar findings. 56% of respondents admitted that their business had failed to request consent to store sensitive data, while 16% said they had knowingly ignored access requests.

CybSafe concluded that “the majority of UK businesses are in breach of GDPR rules and few have changed their corporate policies as a result of the legislation.”

A Twitter poll by Infosecurity Europe 2019 also found that businesses are struggling with the new legislation. 68% of respondents believe that organisations have not taken GDPR seriously and are still not compliant. 47% also said that GDPR regulators are too relaxed about enforcing standards.

Similarly, Shred-it carried out a survey of 1,400 UK SMEs and found that, while there is a general “positive understanding and engagement with the principles of GDPR”, 60% of respondents stated that the changes to data protection laws have had a “slight” or “no” impact on how their business operates. Less than a third of businesses (32%) stated that GDPR has had a “great” or “considerable” impact on their organisation.

 

5 steps to GDPR compliance

While ensuring that your business complies with GDPR legislation may seem overwhelming, there are ways to make compliance much more manageable. Here are 5 steps to help you through the process.

ACCESS: Gaining access to all your data sources is the first key step towards GDPR compliance. You must access what personal data is being stored across your business, no matter what the technology used was. Offering clear access to all data sources is a prerequisite for establishing any potential risks to privacy exposure. You can’t rely on common knowledge for this, you need to prove what data is being stored and where it is.

IDENTIFY: Once you’ve found all your data sources, you need to do a thorough examination of what data is being held in them. You’ll then need to extract, categorize and catalogue any data held such as names, email addresses and National Insurance numbers. Pattern recognition, data quality rules and standardisation are key to this process.

GOVERN: You’ll need to get a clear understanding of what personal data means and share this definition across your business. Privacy rules must be documented and shared across all lines of your organisation, and this helps to ensure that personal data can only be accessed by those with the proper rights.

PROTECT: Once you have established a personal data inventory and governance model, you’ll need to set up protection for the data. This can be done using three techniques: encryption, pseudonymization and anonymization. Delete any data which isn’t critical to your business and find the appropriate method for protecting the rest.

AUDIT: The final stage in your journey to GDPR compliance is auditing. You’ll need to produce reports which clearly reveal to regulators that: you know what personal data you have and where it is located; you properly gain consent from individuals involved; you can prove how data is used, who uses it and for what purpose; you can manage factors like the right to be forgotten and data breach notifications.

 

Need help getting your business off the ground? TEDCO is here to give you all the support you need. Get in touch with our team today by calling 0191 516 61 02 or email us at hello@tedco.org.

What we offer

TEDCO offers one-on-one support provided by a dedicated team of business advisors and a range of pre start seminars available to clients who are taking the first steps into self-employment. This could be looking at an initial idea and developing it further, looking at how to start a business plan, business competitors, business marketing.

Are you eligible?

If you are looking to start and grow a business we’d love to hear from you. Our friendly team of experienced Business Advisors are on hand to take your call to discuss the support available.

Latest News

Whitley Bay Business Wins Entrepreneurial Spirit Award

Whitley Bay Business Wins Entrepreneurial Spirit Award

Gail Curry of Happy Planet Creative Arts in Whitley Bay is winning recognition for her Entrepreneurial Spirit after taking home an award at the 2019 Natwest Great British Entrepreneur Awards.   Now in its seventh year, the NatWest Great British Entrepreneur...

read more
Darlington Martial Arts Business Takes Home Gold

Darlington Martial Arts Business Takes Home Gold

An enterprising martial arts instructor is celebrating a gold-winning first year in business as instructors from Sensei in Darlington take home the top honours at the Brazilian Jiu jitsu British Masters Championships.   Physiotherapist Rick Boyle (38) set up...

read more

Latest News

Whitley Bay Business Wins Entrepreneurial Spirit Award

Whitley Bay Business Wins Entrepreneurial Spirit Award

Gail Curry of Happy Planet Creative Arts in Whitley Bay is winning recognition for her Entrepreneurial Spirit after taking home an award at the 2019 Natwest Great British Entrepreneur Awards.   Now in its seventh year, the NatWest Great British Entrepreneur...

read more
Darlington Martial Arts Business Takes Home Gold

Darlington Martial Arts Business Takes Home Gold

An enterprising martial arts instructor is celebrating a gold-winning first year in business as instructors from Sensei in Darlington take home the top honours at the Brazilian Jiu jitsu British Masters Championships.   Physiotherapist Rick Boyle (38) set up...

read more
Here’s why every start-up should go green

Here’s why every start-up should go green

Environmentalism is the issue of the age, and every business has a part to play Starting your own business is a precarious juggling act. Between perfecting your products and services, creating a marketing strategy, hiring the right staff and keeping all your finances...

read more

Telephone

0191 516 6102

Address

TEDCO Business Support Ltd,
North East Business & Innovation Centre, Wearfield, Enterprise Park East, Sunderland,
SR5 2TA

Tedco Social

Follow us on your favorite
social media channels below:

7 + 15 =

©2018 TEDCO Business Support Ltd. All Rights Reserved. View our privacy policy Company Number: 08568533 | TEDCO Business Support Ltd | VAT No. 169 8629 44 GB. North East Business and Innovation Centre (BIC) Wearfield, Enterprise Park East, Sunderland, SR5 2TA, United Kingdom.