Gemserv provides a range of data privacy consultancy services to help organisations comply with the Data Protection Act 1998 (DPA) and ensure they are ready for the EU’s General Data Protection Regulation (GDPR).
What will change under the GDPR?
The General Data Protection Regulation (GDPR) which comes into force from May 2018, represents the biggest shake up of data protection law in over twenty years.
Organisations have less than 18 months to examine and update their business practices to ensure compliance.
The new regulations aim to reflect the exponential growth of personal data processing as the internet, social networking sites, cloud computing and location-based services have continued to develop.
An increasing number of high profile data breaches reported which have attracted considerable media attention has resulted in a loss of consumer trust and concern amongst regulators about how organisations manage personal data.
The GDPR aims to put individuals in control of their data, putting in place strict conditions over consent for data to be captured and stored.
The regulations mean new obligations in areas such as data anonymisation, compulsory breach notifications and the appointment of Data Protection Officers and organisations handling EU citizens’ data will need to make major changes to the way they operate.
The GDPR allows for considerably tougher penalties than the DPA with fines of up to €20 million or 4% of total annual global turnover, whichever is greater. There is also significant reputational risk to organisations arising from a breach.
How we can help
We take a pragmatic approach to help firms assess their readiness for the GDPR. We can undertake an assessment of GDPR compliance and help identify areas of risk and non-compliance and then set out steps which will help organisations to:
- Understand risks to their personal data processing activities;
- Implement clear policies and procedures on use of data;
- Ensure consistency to harmonise data processing activities;
- Demonstrate full compliance with GDPR to clients and partner organisations; and
- enable the full potential of innovative data use for the benefit consumers and industry.
At Gemserv we work with organisations to ensure they are fully prepared for GDPR by helping organisations to understand your data processing activities and developing a tailored improvement programme to ensure compliance by 2018. Gemserv support organisations with the following solutions:
Gemserv can also advise you on:
- The collection and use of employee and customer personal data, including export of personal data to countries outside the EEA
- Managing data breaches which includes liaising with the Information Commissioner in relation to investigations
- Direct Marketing campaigns
- Privacy policies, notices, consent wording, documentation and procedures as well as privacy impact assessments
Download our free GDPR documents to find out more!
For more information on how we can help you achieve compliance, please contact us by email or on +44 (0)20 7090 1091.