Have you caught the eye of the tiger?

Jeremy Holt
Partner | Clark Holt Limited
21st July 2017
Member roleInitiative member

There is a tiger that is currently stalking British business. The world is divided into those who know about the tiger and are taking appropriate action and those who do not and who are very likely to attract the eye of the tiger. If they get this wrong not only do they face enormous fines of up to €20,000,000 but they also face customer embarrassment in being obliged to write to those whose personal data has accidently been leaked to third parties. They can also be responsible to such people for any financial loss they may suffer. The tiger concerned is the General Data Protection Regulation (“GDPR”) which comes into force next year and completely replaces the existing Data Protection Act. All current commercial contracts that last beyond May 2018 need to take GDPR into account.

If this was a thoroughly boring article about GDPR there would now be a section on the increased obligations of data processors plus a list of the different notifications that would need to be given to data subjects before the collection of their personal data.  This is not one of those articles. Suffice to say that every business will need to look at what personal data they hold and take advice from a skilled professional on how to comply with the new rules.  The checklist below may help you to avoid being spotted and eaten by the tiger.

Checklist for preparing for GDPR:

A. What personal data do you currently hold within the organisation? NB this could relate to customers, suppliers, staff or people on your contact database.

B. How did you get that personal data and on what basis was it given to you?

C. Do you hold such data as either data controller or data processor?

D. What do you do with that data?

E. What security arrangements do you have around such data?

F. What arrangements do you have to keep that data up to date?

G. What arrangements do you make for the deletion of personal data when it is no longer required?

H. What data do you give to third parties? (e.g. staff data to your payroll company)

I. Where (geographically) are such third parties?

J. Who is in charge of data protection in your company?

K. If you buy in marketing information containing personal data, on what terms did you get such data?

Visit the Business West General Data Protection Regulation (GDPR) page if you would like more information about how it will affect your business

  • Let us help you

    By registering your interest, we'll be equipped to help answer any questions you may have about the GDPR and provide further information about how it will affect your business

Do you want to join the conversation?

Sign up here
  • Quick professional advice

    Get 30 minutes of free advice over the phone from a local legal, accountancy or HR firm.

  • 21,000 businesses trust us to help them start, grow, innovate & export - as well as lobby government on their behalf.

  • More on GDPR

    Visit our GDPR hub to access more information, guides and advice.