Our GDPR & Compliance Services

What is GDPR?

Are you complaint?

Take our survey today!  or contact us here if you have any queries  about either GDPR or your personal data gdpr@rtfnetworks.co.uk

The new regulation expands on the current privacy protections and includes new requirements for companies that handle personal data originating in the EU. This means companies who were previously compliant with the Data Protection Directive may not be compliant with the GDPR.

UK organisations handling personal data will still need to comply with the GDPR, regardless of Brexit. The GDPR will come into force before the UK leaves the European Union, and the government has confirmed that the Regulation will apply, a position that has been confirmed by the Information Commissioner.

Key Changes

There are a number of key changes from the current laws, to the new GDPR.

  • Right​ ​To​ ​Be​ ​Forgotten
    The requirement for an organisation to completely delete data on an individual at request.
  • Removal​ ​of​ ​Data
    Data must be deleted if it’s no longer required or if the data is no longer used for the purpose it was intended for.
  • Legal
    Individuals are able to sue for non-compliance.
  • Consent
    Consent must be clearly obtained if you wish to hold personal data.
  • Breaches
    Business must report any breaches to the ICO within 72 hours of the breach occurring. From 25th May 2018, failure to notify within the time frame may result in financial penalties, as detailed below.

What​ ​Data​ ​Does​ ​GDPR​ ​Cover?

The new GDPR regulations cover personal data on an individual.

Personal Address, Contact Names and Numbers, Email Address, Racial & Ethnic Origin, Political Option, Religious Beliefs, Sexual Orientation, Physical or Mental Health Information, Registration to Trade Unions, Criminal Record

What​ ​Should​ ​You​ ​Be​ ​Doing?

  • Appoint​ ​a​ ​data​ ​protection​ ​officer​ ​– Appoint someone within your business who will take ownership of data protection and ensure you are GDPR compliant.
  • Review​ ​the​ ​data​ ​you​ ​store​ ​– Review any of the personal data you hold and where it’s stored. Create an inventory, and review any security processes around this.
  • Consult​ ​an​ ​expert​ ​– If, as a business, you feel you don’t have the expertise in-house to confidently and accurately ensure all your data meets the GDPR regulations, consult a data protection and security expert who can review this and make recommendations on your behalf. Focus Group have consultants who can help with this.
  • Create​ ​a​ ​plan​ ​– Once you have identified all the data you hold and any possible vulnerabilities in how it’s stored, create a plan to get these resolved. Focus on high risk issues first. The changes could include rolling out new internal processes, training staff, new legal contracts or changes to IT setups to protect the data.

Contact us on 01622 238 448