GDPR may not be making headlines on the same scale it did in the run up to its implementation in May 2018, but it definitely hasn’t blown over and certainly shouldn’t be brushed under the carpet.
GDPR made it easier for individuals to claim against companies and consequently data breach complaints rose by 160% .The ICO handled 6281 complaints between May 25th (when GDPR came into force) and July 3rd 2018.
One company feeling the pinch of falling foul of GDPR is Emma’s Diary who was fined £140,000 for collecting and selling the personal information belonging to more than a million people. In August AMS Marketing were handed a £100,000 fine for making 75,649 nuisance calls to people who had opted out of receiving marketing calls
Our Commitment to GDPR Compliance
At Cohesion Digital we took every possible step to prepare ourselves and our clients for the tougher data handling regulations. We invested in extensive GDPR training which means we have our own qualified and knowledgeable in-house GDPR practitioner.
To help our clients prepare for the tougher data protection requirements we provided a Countdown to GDPR and issued a comprehensive guide to GDPR compliance as well as a handy GDPR Discovery Road Map.
Whilst the newspapers hone in on data breaches occurring as a result of cyber attacks such as the recent British Airways security breach, most data breaches are down to human error, a lack of processes, failure to follow procedures or negligence.
BA is expected to be hit with a fine of around £500 million for failing to protect customers’ personal financial and credit card details but smaller companies are not immune and need to be aware that non compliance penalties can be as steep as €20 million, or even more.
Need Advice and Guidance On GDPR?
The ICO (Information Commissioner’s Office) is the UK’s independent authority responsible for upholding information rights and data privacy for individuals. Contrary to the misheld belief that the ICO exists solely as a body for people to report breaches to and to fine companies abusing the legislation; they are also there to help businesses comply with protecting their customer’s data.
The ICO are a surprisingly friendly and helpful body offering guidelines for organisations as well as a self assessment toolkit which is invaluable in helping small to mid size companies ascertain their level of compliance with data protection law and discover what action is needed to guarantee the safety of customers’ personal data.
The ICO can advise on any grey areas such as culling your database, what you can and can’t include in email newsletters to your customers, what passive links are permitted and guidance on inserting an unsubscribe link.
Cohesion Digital are also happy to help and advise you on achieving full compliance and have a qualified and knowledgeable GDPR practitioner with the skills and knowledge to guide you on implementing a highly effective GDPR compliance programme that will fully meet data protection requirements.
Do You Have a Process For Reporting Data Breaches?
Reporting Data breaches is mandatory. If a breach occurs you are required to disclose full details. These include; the nature of the breach, what data your company holds, whether or not you hold customers credit card details, what data has been lost and details of your company’s inventory along with who has access. You will also need to disclose the full extent of any damage that could result from the breach.
How To Protect Your Company and Your Clients From Cyber Attacks.
Data breaches occurring as a result of cyber attacks pose a risk to your company’s reputation and its future success. The National Cyber Security Centre (NCSC) are experts in the field and offer guidance and advice to small and mid-sized companies as well as risk assessment and basic training.
To retain customer loyalty and guarantee the continuation your business, your company needs to prove it is GDPR compliant. If you haven’t already got on board and taken every necessary precaution to safeguard your customer’s personal data you could be sitting on a time-bomb.
Don’t join the rapidly growing list of companies feeling the pinch of hefty non-compliance fines and watching profits drop as customers flee.
To get friendly GDPR compliance advice from our in-house expert Get In Touch