GDPR - how does it affect you?
GDPR (General Data Protection Regulation) is an acronym that you’re probably familiar with by now, right? You must have seen it even if you’re not entirely clear on what it is. In particular, here at purechannels we are having conversations on a daily basis about how we can help all types of organisations in the channel.
Grab a cuppa and have a read of our quick and helpful guide. Over the coming weeks, we’ll be posting a lot more information to help you understand and prepare for GDPR, May 2018.
Firstly, you need to be clear about what GDPR is and what it means for your business.
What is GDPR?
On the 25th May 2018 GDPR will be enforced. The regulations are an extension of the DPA (Data Protection Act) and will protect customers as well as give them greater power over the data that businesses hold on them.
With greater security threats and breaches occurring all too frequently, you will be required to handle customer data extremely carefully and be seen to be doing the maximum to avoid data breaches and cyber-attacks.
Lack of compliance could mean fines of up to €20 million or 4% of your previous year’s turnover, whichever is the greater.
Will it affect you?
If you work in B2B, then don’t expect to get away without being compliant. GDPR is the most significant law that has been enforced over the last 20 years, and will affect every business big or small across 28 counties in Europe as well as anywhere else which handles personal data on EU residents. Now is the time to take the necessary action to stop non-compliant data activity occurring in your business, which could result in you facing these crippling fines. In addition, you’ll need to look at how compliant the organisations are in your channel; vendors, distributors and the partners you work with.
Why should I bother?
Under the new GDPR legislations, businesses will have 72 hours to notify and communicate any breach occurring. Failure to do so could cause your business to receive the maximum fine of €20 million or 4% of last year’s turnover, whichever is greater.
Businesses, especially those large enough to operate a procurement department, will be looking to work only with companies that are GDPR compliant, which could result in the loss of business for some, but opportunities for others. This is of particular relevance in the channel and supplier engagement.
The 12 steps
The following simplified 12 steps are a great starting point to compliance, which should be considered now.
With almost exactly 12 months to go, there are some big changes to consider around how you handle, store and manage personal data, as well as the vendors and suppliers you interact with.
It is best to seek some expert advice on the matter to understand exactly what the implications are for your business, given the potentially high fines.
There are some significant implications on your business too, and we will be covering these in future blogs. This week we will start our “12 months to GDPR countdown”… so watch out for that too.