Will GDPR spell disaster for Britain’s businesses?
GDPR, the EU regulatory ruling, comes into effect May 2018 and will affect EVERY business in the UK. All businesses must comply or risk the consequences. But will non-compliance with the new rulings spell DISASTER for Britain’s businesses?
GDPR, or General Data Protection Regulation, requires all businesses to protect and properly manage all customer privacy data.
The EU regulations, coming into effect May 25, 2018, are designed to revolutionise the way public data is handled by big companies.
The ruling states that businesses must make all efforts to protect and securely manage all private and personal data of any EU citizen or customer that they hold.
The rulings were put in place in response to a sustained spate of major hacks stealing millions of user data.
In these cases, the businesses are at fault for not securely protecting data, putting every customer at risk of having their data stolen and used against them.
There’s some debate about whether high fines will be levied, and in what circumstances, but it’s possible that some data regulators will want to send a clear message by making an example of a company for non-compliance.
Apparently, the European Data Protection Board (EDPB) will offer guidance on fines, but that guidance is not yet available and the first few cases are liable to set a precedent.
Most UK businesses will have invested more than £1million in making sure they are fully compliant.
Tamzin Evershed is head of legal at Veritas Technologies, understands that, while many businesses are aware of GDPR, they don’t know the consequences of non-compliance.
In an exclusive interview with Express.co.uk, Tamzin said: “One of the key challenges that many companies are facing is the complexities around effectively managing their data regardless of where it sits in their organisation. Companies need to have complete visibility into data, including what information is stored, how it is used, who owns it and who accesses it.
“They also need to have the ability to search through large volumes of digital data so that it can be accessed quickly to respond to requests from individuals to access, erase, or restrict personal data in a timely manner, in line with GDPR requirements.
“Aside from technology, businesses must also instill a culture of digital compliance and responsibility among employees. Our research found that many businesses are putting in place new processes and policies including training, rewards and updated contracts in support of GDPR compliance.
“As a result, employees will understand the role they play in protecting their organisation’s data.
“If businesses focus on implementing the right technologies and processes to better manage their data, the potential business benefits are huge. Those that achieve GDPR compliance expect to benefit from improved customer relationships, a stronger reputation, and improved revenues.”