I’m sure by now you’ve all heard something about GDPR and that it will be coming into effect next month on the 25th May. But what does this mean for your organisation and what should you be doing going forwards?

Put quite simply, it could mean a change in the ways in which you collect, store and process data.

If your business or organisation holds personal data you need to ensure that you have a clear structure in place, the following steps may help you in the process:

  • List the data that you collect, where you get it from, what you do with it and who you share it with. You may need to arrange an information audit across your organisation.
  • Why are you holding this data? What lawful basis does it fall under?
  • Review your privacy notices and update these in time for GDPR implementation
  • Ensure that your software is ready to deal with data access requests and data portability
  • Data erasure, can your system delete data when it’s no longer necessary for the purpose for which it was actually collected
  • Make sure you’ve got a process in place to identify, resolve and report any breaches of data to the ICO (Information Commissioner’s Office).

If third party suppliers hold data on your behalf make sure they are GDPR compliant and include GDPR clauses in contracts. For example they should run audits to ensure they are still compliant on a yearly basis as a minimum.

What if you’re not GDPR compliant and there’s a breach of data?

The fines to organisations will be extremely costly. For a serious breach it is 4% of global turnover or €20 million, whichever is greatest. The majority of businesses simply cannot afford to take such a catastrophic risk.

If you haven’t already taken steps towards GDPR compliance we strongly recommend starting the process now.

John Goodacre is Account Executive at D E Ford Insurance Brokers, providing bespoke insurance packages for businesses and charitable organisations.

Covid-19 Notification

We are following guidance and trying to ensure that our staff can work from home where possible. If you wish to make contact, please continue to use the direct telephone or email details for your usual contact(s).

If you are making a general enquiry or do not know your service contact(s) please call 01904 784141or send an email to info@deford.co.uk

xCenta Risk Management Portal

Our team of Risk Managers have been busy developing and building a new Microsite portal. Our aim is to update the service to ensure our risk management clients continue to have access to lots of useful risk assessment guidance, case studies, forms and templates.

To access the Resource Portal, please Click Here to log on to our xCenta system.

If you have any questions or are unsure of your Username or Password, please speak directly to our xCenta Support Team on 01777 861829.

Thank you.

Site Navigation