GDPR - look out, it's behind you!

It is tempting to think of GDPR as a 2018 moment in time, and that you have ‘ticked all the boxes’. However, to quote the Information Commissioner “Unlike planning for the Y2K deadline, GDPR … requires ongoing effort”.

As well as ensuring legal compliance, we live in an increasingly privacy-savvy world, with data subjects (your clients and employees) becoming more aware of their rights and often unafraid to exercise them. Business reputations are at stake and regulatory attention a mere breach away.

Particularly in SMEs, with no dedicated privacy headcount, there can be gaps in GDPR compliance. Privacy notices and other mandatory documentation can be missing or deficient. Planning for breach notification may be non-existent, increasing legal risks. Remember, it’s about more than a website cookie notice.

The trick, though, is not to scare. Not to over-engineer. GDPR compliance in SMEs can often be achieved with a few, simple steps. We will always endeavour to 'keep it simple' and transparent.