On the 25th May 2018 the General Data Protection Regulation (GDPR) will come into force across the European Union and Berry Smith are asking one question:
ARE YOU READY?
It is essential that businesses understand that it is not enough to just comply with GDPR but they must also be able to demonstrate their compliance. This is known as Accountability (Article 2.1 GDPR).
Accountability is achieved by ensuring that the key GDPR principles are not only embedded within your organisation but also having in place the appropriate and necessary documentation and policies.
Processing Personal Data requires all Data Subjects be provided with a Privacy Notice which states, among other things, the purpose and lawful basis for the processing.
The provision of the Privacy Notice is a mandatory requirement, however, a Privacy Notice on its own will not successfully demonstrate Accountability.
Berry Smith are able to provide a suite of documents, tailored to your business, that will assist with demonstrating Accountability. The suite will include essential documents such as:
- Privacy Notice
- Data Security Policy
- Privacy Policy
- Subject Access Request Form
- Data Breach Incident and Notification Policy
- Subject Access Protocol
- Data Retention Policy
GDPR represents the biggest shake up in data protection for decades bringing new responsibilities, new roles, substantial new penalties for non-compliance of up 20M Euros or 4% of global annual turnover, whichever is the greater, as well as enforcing corrective actions.
For further information on this and all queries about GDPR please contact either Dan Dowen at ddowen@berrysmith.com or Philip Griffiths at pgriffiths@berrysmith.com – alternatively please call 029 2034 5511 and ask for the commercial team.