Oliver Price's Weekly GDPR Blog #16– I have got my new Data Policy so am I covered?

It looks like preparations for the new Data Protection Rules are well underway. This week I have been in touch with a number of clients making preparations for the GDPR to come in to force on the 25 May 2018.
There are some obvious steps that you need to take to get ready for the GDPR. These include updating policies and procedures and working out if you need a new Data Protection Officer. I have previously blogged about both preparations and the appointment a DPO. Even if you do not need a DPO it is sensible to have someone responsible for this area of compliance.
If you look at recent cases there is one obvious area that you need to audit carefully and that is your security arrangements. Apart from automated calling and the spamming companies the largest fines almost universally come down to failures of computer security. The recent Carphone Warehouse fine of £400,000 is a good example of where security failures included the use of weak passwords, failure to keep software up to date and failures to patch software. Therefore if you have not yet done it, it is time to go and speak to either your IT Manager or external IT providers and assess how secure your data arrangements are.
At my firm we are changing our computers this year and data security remains at the top of our agenda.
26 January 2018

Last updated 26/01/2018