GDPR – there’s still time to get it right

After last week’s frenzy of emails, the General Data Protection Regulations (“GDPR”) are now in effect.

It is not often that a new piece of regulation generates such activity, achieving more Google searches last week than flights to Kiev and new goalkeepers!

Achieving GDPR compliance might seem like a daunting process but, once complete, your organisation will have a detailed overview of its operations. An updated Data Protection Policy and Privacy Notice will be in place; and your organisation must conduct an audit of all data held, the purpose for retention and identify all persons with whom the data is shared.

The media noise will die down, but for the new Data Protection Officers and others in charge of compliance, the critical period of enforcing these new policies and procedures has commenced.

For those who are not yet quite there yet, there is still time. The Information Commissioners Office maintains its position is to provide assistance to organisations in the first instance, but that it will implement fines or sanctions in the event of deliberate or negligent use/loss of data. MTB will continue to work with organisations to deliver excellence as the focus shifts from initial compliance to embedding a culture of good data management processes.