Many of our clients and prospects have called us worrying that the GDPR will ruin their business. The message that we’ve been conveying is that the GDPR was not designed to punish businesses, it was made to improve relationships between business and consumer. It was made to upgrade an outdated directive that was loosely adhered to by many. Nor was the GDPR created to solve all our data problems and to prevent a data breach from ever happening again. It was designed to aid businesses in improving their policies and implementing measure to mitigate the risks of a data breach.
Filtering through the masses of information is challenging for even the keenest of compliance professionals. A small firm in Kent contacted us with concerns about what information they should take as fact and what’s fiction. “The regulation is difficult to read unless you understand the law jargon that comes with it. So, who are we supposed to believe?” There’s no doubt this firm were worried that they hadn’t fully prepared.
Another example comes from a medium sized company in Surrey that were fed a lie that they needed a Data Protection Officer; many companies are hiring DPO’s when the requirement isn’t there. The existing client called us for some additional advice on what to do, with the hope of clarity and a solution to their dilemma.
Fortunately, the firm in Surrey called us before they made the wrong decision in hiring a DPO, we were able to show them through literature from the ICO that they didn’t need a DPO and would be wasting money if they hired one, however we advised them (as we do to everyone) that they should have someone in the company responsible for compliance and overseeing any actions needed for GDPR compliance, this can often be an existing employee.
Our advice to everyone is to regularly check the Information Commissioners Office (ICO) website, the ICO are the statutory body in the UK that will oversee the GDPR, they are hiring hundreds of people to help deal with phone calls, emails and letters, all containing queries from worried business owners or compliance managers. The information they provide should be trusted above all other information.
ICEX are in regular contact with the ICO and have a wealth of experience in helping deal with GDPR issues. There is a mass of content on our website that is all backed up by facts from the Information Commissioner.
- ICEX offer free advice on any GDPR queries people may have. Call 01376 503900!
- Our data destruction/erasure processes give our clients peace of mind that all redundant data is completely gone.
- ICEX adhere to industry standards ISO 27001, ISO 14001, ISO 9001.
- One of only 40 ADISA accredited IT Asset Disposal companies in the country.