GDPR. Four letters that have spun many a sane person into a massive tailspin this week. We all understand the basics of GDPR now or at least we are supposed to. Workers should have been made aware of the new guidelines by now.
- Data storage must be secure and access confined to those who need to utilise it.
- You need to know who your data controllers within your firm are. You need to be able to contact them in cases of potential and real data breaches.
- Terms and conditions of data storage and manipulation have been updated.
- Your marketing email lists will have been decimated as “customers” data has been removed unless they have opted in again.
Where do we go from here? What next for the GDPR train?
The keys issues for business’ will be the data storage. The potential for the £20m or 5% of turnover fines will scare everyone into changes. Most of these can be good for us, as workers and business’. Data will be minimised. Unnecessary data will be deleted. Storage will be more secure. Workers will not be able to pry on others data.
Workers will have to be more “clever” in what they record. You should not say anything in an email, letter or recorded call that does not need to be said. This can be requested by people named within any such correspondence. Anyone can ask for all data you hold on them and this must be issued within a six-week period.
The right to erasure will affect many different business’ in many ways. If you have a legal obligation to store a customers details, this must be adhered to. Thus a customer may request for all their records to be destroyed but if you need to store this for HMRC or accounting reasons, you may decline. AML is also a legitimate reason for storing financial data. You must hold this for at least a five-year period.
Still plenty of questions, but the commissioners latest statements about wanting to work with business’ instead of looking to catch them out is promising. It means that firms who are able to show they are trying to meet the requirements will be given some lee-way.