Monday 25th May 2020 marks the two-year anniversary of GDPR coming into force across the EU, including the UK.
The GDPR requires you to always be compliant with its rules. In normal times, the fact that GDPR is two years old this month would be enough for most businesses to think about reviewing their GDPR compliance and checking they’re still doing all the right things. After all, most businesses evolve in one way or another, whether through changing services or changes to their teams, so a lot could have changed that requires revisiting GDPR to ensure they’re still on the right track. However, during the Coronavirus “new normal”, maintaining compliance is even more relevant as businesses adapt to working in different ways, welcoming employees back as lockdown begins to lift, processing employees’ Covid-19 data, taking their business online, etc.
Being GDPR compliant was not a one-off for May 2018. Ongoing compliance is a key part of the accountability principle the GDPR introduced: the data protection rule that says you have to show you are compliant and continue to be. EAT, SLEEP, GDPR, REPEAT should be your compliance mantra! Generally, this means you need to:
- Review your processing activities and identify anything that has changed since you last looked at your compliance
- Make sure your documentary evidence of compliance is up to date including your records of processing activity
- Ensure your internal and external policies (e.g. privacy policies) are up to date and staff are reminded about their compliance duties (i.e. refresh their training)
But with Coronavirus currently part of our lives, the following should also be considered:
- How your compliance is impacted by a workforce working remotely and from their homes both in terms of security and employees applying the same data protection principles away from the office
- How your existing data protection processes are impacted and whether they need to be amended to reflect the “new normal”
- Whether you have all the right checks and balances (documentation) about any new processes or systems you’re now using (e.g. the increased use of video conferencing, allowing employees to access systems from their own devices, etc.)
- What the health and safety impact of returning to work means if you need to process health information (specially protected by GDPR) about employees who may or may not be tested for Coronavirus or display symptoms
Whether you’ve just not reviewed your compliance in the last couple of years, or your business is now operating differently because of Coronavirus, now’s the perfect time to make sure you really are still GDPR compliant.
And, we can help you with all this.
Our new helpline services are designed to offer help and support regardless of the size of your business or where you are with your GDPR compliance. Our GDPR DIY helpline gives you access to our online Knowledge Centre resources, plus help via a Facebook support group so you can get everything in place yourself. Our GDPR UNLIMITED helpline not only provides unlimited email and phone support and access to the Knowledge Centre, but also up to 4 hours of “hands-on” help so we can do some of the hard work for you or even be your DPO. And, if you’re not looking for ongoing support, there’s always our PAYG (pay-as-you-go) option, where you pay by the hour for the help you need, whenever you need it.
Furthermore, if you’re thinking it’s about time you reviewed your existing compliance, we’re offering a 3-month subscription to our GDPR UNLIMITED helpline to provide a review, a report on our findings and implementation of those findings. So, not only do you get unlimited help and up to 12 hours (across the 3 months) of “hands-on” help to carry out the review, you also spread the cost over 3 months and save money: a 3-month subscription will cost you £1275+VAT, whereas a normal GDPR review alone (so not including implementation help) would normally cost you £1500+VAT.
Providing cost-effective, simple to understand and practical GDPR and ePrivacy advice and guidance, via my one-stop-shop helpline. I ❤️ GDPR