GDPR workshop with C2S
Circle 2 Success, Professor Richard Benham and Lodders Solicitors ran a workshop on GDPR, which was hosted here at Randall & Payne on Monday 11th September.
Around 50 attendees from local businesses attended the workshop to glean information about the changes in legislation that are coming into force in May 2018, how they are likely to affect them and more importantly to identify some simple steps they can take to ensure compliance.
In a world that is ever more about “big data”, concern was expressed about the meaning of “consent” especially from a marketing perspective and around current data sets that have been acquired over time. The explicit advice was to try to ensure clarity whenever capturing data as to its intended use and to document that for internal purposes.
Partner, Rob Case was in attendance and made the following observations:
- Fines from the Information Commisioner’s Office (ICO) for non-compliance are potentially significant at up to 4% of turnover, but the greater cost may come from litigation or reputational damage should there be a data protection issue
- Document how you collect and use data currently and ensure you have a robust privacy statement readily available to the people for whom you hold data
- Make sure your staff are aware of the changes and the need to keep data secure, having robust internal policies and employment contracts will help to clarify responsibilities and also protect in the event of a data breach
- Have a plan. How would you react if you were the subject of a data breach? Who would you contact first and how would you deal with it?
- Finally check your business insurance to see if you are covered in the unfortunate circumstances that something did go wrong. Would your insurance cover any potential fines, legal fees and ought you consider cyber insurance as an addition?
We are organising a GDPR workshop with C2S especially for our clients – details will be announced shortly, but in the mean-time if you are interested please email firstname.lastname@example.org.
There is a wealth of information on www.ico.org.uk.