GDPR – 1 Year On
With the one-year anniversary of the GDPR coming into effect tomorrow, we thought it would be a good idea to reflect on everything we have learned, including: how has the GDPR law affected businesses? And are some organisations still not compliant?
When GDPR first came into play, there was a lot of confusion about what businesses needed to address and what they needed to do to become compliant.
GDPR was built on an existing data protection law, so businesses that were already well educated on this were in a good position. However, it did mean that some businesses struggled to understand what they needed to do in order to be compliant with the new law.
What Have Been the Biggest GDPR Fines?
Since the GDPR law came into effect, there have been almost 60,000 data breaches reported across the EU to the ICO.
Google were fined £44 million for “lack of transparency, inadequate information and lack of valid consent regarding advert personalisation”. Equifax were fined £500,000 for failing to protect personal information, whilst Talk Talk were fined £400,000 after a cyber attack in which personal details were accessed, and Uber were fined £350,000 after the company paid off hackers who stole personal details of customers without informing the victims of the incident.
It is important to remember that being a small business does not mean you are safe if you are not compliant. Every business needs to be compliant with the GDPR law.
To recap on what the GDPR law states you should have on your website:
- User Content Agreement
- Cookie Consent
- SSL Certificate
- Form Opt-ins
- Permissioned Email Database
How to Stay GDPR Compliant?
It is important to remember not to become complacent, as we have recently seen high-profile data breaches, including Facebook. Here are some tips on staying compliant:
- Ensure that your website has all of the above – it is not too late to comply. Get a FREE GDPR Audit or contact us and we can bring you up to speed with GDPR.
- Ensure staff understand that it is everyone’s responsibility to comply with GDPR
- Review and strengthen your security processes and put procedures in place to prevent breaches
- Run regular training sessions for staff on handling data
Going forward, it is critical that businesses stay compliant and keep up to date with regular guidance. If you’re still struggling with GDPR, call us today and we can give you some friendly advice on the next steps to take.