GDPR – what does it mean to an organisation?
Wake up! Your business can’t afford to treat privacy as an afterthought any longer.
From May 2018, data protection law will change with the introduction of the GDPR.
This affects how you deal with consumer data and individuals’ information. You may have already heard about these changes in the news; you can read more below.
To assist local organisations we’re holding a number of free events and training workshops.
Our Free Seminars
To explain the importance of understanding your responsibilities we have joined forces with HEXAD Information Security Services.
This free two-hour session outlines the GDPR and explains the major things your business must do to meet the requirements of GDPR. This includes the legal responsibilities of directors and board members and what they can do to become and remain compliant.
Our first seminar is already fully booked, but we have seats available on 14th November.
Hands-on, practical workshops
Following on from the seminar, in conjunction with HEXAD, is the opportunity to attend separate training workshops. The workshops provide hands-on training and are tailored to your type of organisation. You will receive packs before the training, as well as a detailed booklet to take away.
The workshops are being offered at introductory discounts for a limited time. Learn more and book here:
What else should I know about the GDPR?
All organisations providing goods and services to EU residents will be required to conform to the rules it lays down, or face serious penalties.
“The new legislation creates an onus on companies to understand the risks that they create for others and to mitigate those risks. It’s about moving away from seeing the law as a box ticking exercise, and instead to work on a framework that can be used to build a culture of privacy that pervades an entire organisation.” (Elizabeth Denham, CEO, Information Commissioner’s Office, March 2017).
GDPR is not a cybersecurity regulation. It is a data protection law and ‘Business Risk’ issue. The Information Commissioner’s Office, the UK data privacy regulator, has stated that directors will be personally responsible for breaches.
If they fail in their supervision then they will be liable to prosecution.
What are the Penalties for non-compliance with GDPR?
Penalties for non-compliance will be severe. The responsibility for compliance with the GDPR will, in practice, fall on the company’s directors. This will add to the burden that directors face in discharging their duties to the company. The Information Commissioner’s Office is at present empowered to request personal undertakings regarding future conduct from board members to ensure that the company complies with its data protection obligations.