GDPR

GDPR

Good financial management starts with a thorough understanding of procedure and protocol. At Arun Business Supplies, East Preston, we will make sure that you are aware of all legislation concerning General Data Protection Regulation (GDPR).

 

What is GDPR?

This was approved by the EU on 14 April 2016 and enforcement will start 25 May 2018 – organisations in non-compliance will face heavy fines from this date. GDPR replaces the Data Protection Directive 95/46/EC and the aim of the GDPR is to protect all EU citizens from privacy and data breaches in an increasingly data-driven environment and many changes have been proposed to the regulatory policies.

 

What does it mean for business management?

The biggest change to the data privacy regulation is the extended powers of the GDPR, as it applies to all companies processing the personal data of data subjects residing in the Union, regardless of the company’s location. This has arisen in a number of high profile court cases.

Under GDPR organisations in breach of GDPR can be fined up to 4% of annual global turnover or €20 Million (whichever is greater). This is the maximum fine that can be imposed for the most serious infringements e.g. not having sufficient customer consent to process data. Also, consent must be clear and distinguishable from other matters and provided in an intelligible and easily accessible form, using clear and plain language.

 

Document destruction

Most business management services will encounter situations where data has to be removed or deleted responsibly. The right to be forgotten entitles the data subject to have the data controller erase his/her personal data, cease further dissemination of the data, and potentially have third parties halt processing of the data. At Arun Business Supplies, East Preson, we can advise and take on data/document removal.

 

Data Protection Officers

Currently, controllers are required to notify their data processing activities with local DPAs, which, for many, can be a bureaucratic nightmare. Also, the DPO must be appointed on the basis of expert knowledge on data protection law and practices and must be provided with appropriate resources to carry out their tasks and maintain their expert knowledge

Privacy Impact Assessments (PIAs) – this needs to be completed by either someone within your business or by a third party expert – this will help you identify and reduce the privacy risks of your projects. A PIA can reduce the risks of harm to individuals through the misuse of their personal information. It can also help you to design more efficient and effective processes for handling personal data.

A Data Protection Officer (DPO) is required by the General Data Protection Regulation. It is for anyone dealing with large amounts of data and every business should consider appointing a DPO – once they have had a PIA this will identify to what level. Data protection officers are responsible for overseeing data protection strategy and implementation to ensure compliance with GDPR requirements.

 

At Arun Business Supplies we can:

Provide PIAs and DPOs, install software, create accounts and reports, project costing, create templates for invoicing and payment information, train individuals responsible for HR, bookkeeping and accounting.

 

Services:

Arun Business Supplies, East Preston provides businesses with the following services:

  • GDPR compliance and data protection

  • Privacy impact assessments

  • Business process optimisation

  • IT services

  • Filing/storage/destruction

  • Managed print services

  • Office products

 

Contact us about our complete business solutions service

To find out more about our GDPR Complience services please call on: 01903 775454

Copyright © 2017 Arun Business Supplies | Registered in England & Wales

Powered by Evolution Software