These are set to impact companies of all sizes, from all sectors; anyone that stores any data will have to make sure they know what the new legislation entails and what it means for them.
In short, companies must be completely aware of what data they hold and where, across all devices, systems and software and an incident recovery plan must be in place to deal with any incidents of breach.
Fines of up to 4% of a company’s annual turnover, or up to 20 million euros (depending on which figure is greater), can be demanded if the violations are serious. It is not clear yet what counts as a ‘serious’ violation, however for many SMEs, the fine could prove to be disastrous.
Everyone who has anything to do with the data. In terms of your websites, it is no longer just the website owner or hosting company, but also the people in charge of website planning or data input that are responsible too. It is down to all these different parties to work together to ensure that the new regulations are being followed.
Due to the scope of implications from these new rules, preparation needs to commence well in advance of the May 2018 deadline. A full data and information audit is recommended to ensure that all your records are up-to-date and compliant, with new plans being put in place for data storage going forward. This won’t just mean a change in processes for many companies, but a change in company culture; be prepared for confusion, resistance and mistakes – all of which need to be made and rectified in the next nine months to ensure smooth sailing from there on.
The sooner you can get started on this the better. For our clients, we will be in touch to discuss how to make sure websites are 100% compliant, however if you are not already a client of ours, maybe it is time to give us a call and discuss moving over to a website provider who is able to make this happen for you.
If you are concerned or have any questions please give us a call on 01234 779 050 or email email@example.com.