These days, businesses and organisations will hold an enormous amount of personal data about employees, customers and suppliers. This information can be collected in a variety of different ways and systems and it is essential to have in place adequate processes and safeguards to ensure the data is held, used and processed in a way which is compliant with the law.
The importance of data protection continues to grow, especially with the introduction of the General Data Protection Regulation on 25 May 2018. The GDPR introduces major changes to the data protection landscape in the UK and increases fines to €20,000,000 or 4% of global turnover if organisations fail to comply with these new rules. Blackadders have the expertise to help you understand this complicated, challenging and changing area of law, by providing advice and practical support on complying with the GDPR.
The GDPR will introduce greater responsibilities on organisations and give individuals greater control over how data is used. Blackadders can provide help and assistance to organisations on various areas including:
- the application of data protection rules to your organisation;
- developing appropriate policies and procedures for your organisation (for privacy, marketing and breach management in particular);
- reviewing and updating documentation to comply with data protection rules (including employment contracts, customer terms and conditions, supplier agreements or website documentation);
- data sharing contracts and their implications; and
- how to deal with a request for personal data or other data subject rights.
The reality is that all organisations, regardless of size and sector, will be impacted by the new rules and it is an ideal time for a full review of current policies and procedures to assess what (if any) steps you need to take to become GDPR compliant. Carrying out an audit enables organisations to (i) identify vulnerabilities and risks, (ii) prepare a road map to compliance and (iii) identify opportunities for improvement.
Blackadders can assist with this process by providing advice and guidance for your entire organisation or specific departments. This audit service can look at and reviewing/reporting on:
- the data held and the grounds for processing;
- marketing activities;
- contracts and data sharing arrangements;
- data flows (internally and externally);
- processes to deal with individual data rights; and
- relevant policies and processes.
This then allows your organisation to identify areas that need to be addressed to meet the requirements of GDPR.
Under the GDPR, organisations should have in place appropriate operational measures to ensure compliance with the new rules. One such operational measure would be to provide adequate training to staff to give them appropriate knowledge of data protection and how it impacts your organisation. All training sessions include relevant documentation that can be retained by your organisation and used internally as a training tool and reference point for data protection matters.
Basic training package: Blackadders can provide a general overview of the GDPR, the key changes and practical advice on how these impact on certain teams within your organisation (including marketing, HR and IT). The length of session can be tailored to your individual needs, starting from 1 hour up to half day sessions.
Bespoke training packages: Blackadders can offer more bespoke training sessions that are tailored to your specific requirements. This can be particular data protection topics or more detailed sessions running over multiple sessions.
Breakfast Seminars: these free seminars are run on a regular basis, covering different areas of law. Please contact our marketing team at firstname.lastname@example.org to be added to our marketing list and receive updates on these seminars.