Avoid GDPR Fines - IT Support Hull, Doncaster, Leeds


5 Ways To Avoid A GDPR Fine

Understand GDPR - IT Support Hull, Leeds, Doncaster

So we’re all happy with what GDPR means, right? But what does it really mean; Is it scare tactics? Can it affect you? It definitely isn’t, and it definitely can. No matter how big, or how small your business, if you’re found not to be complying with GDPR, you’re looking at a fine of at least 2% of your annual global turnover.

With recent eyewatering fines issued to the likes of British Airways (€229 million) and Marriott Hotels (€123 million), we thought it might be a good time to give you a rundown of some key ways to make sure you’re not next.

#1 Reach for the sky

If your business already uses cloud services, your data is in a good place. But be sure to treat the cloud like you would your PC desktop; encrypt data and implement any relevant access controls.

#2 Tidy Desk, Tidy Mind

Be organised. The aim here is not to find yourself faced with an access request, but if you were, you’d have 30 days to get that data to the right people; keep all data on customers, suppliers and employees filed so you know exactly where to find it.

#3 Become The Teacher

GDPR shouldn’t be the elephant in the room; be sure to discuss it with your staff. Ensuring you’re compliant can be a team effort and remaining compliant has to be; develop a company process on personal data handling and plaster it on every notice board, staff room wall and loo door for all to see! This will also go in your favour if ICO did ask for a chat, demonstrating your attention to data protection and the precautions you have in place.

#4 Are You Sure You Want To Delete This File? YES!

GDPR, rule number… OK, we don’t remember, but it’s just as important as rule number 1; when you’re done with someone’s data, delete it. At the end of any contract or service agreement, you are required to discard of any personal data unless it’s necessary by law to retain it. This again needs to be common knowledge among your staff so get it documented and hang another notice board if necessary.

#5 Leave No Grey Areas

When it comes to your mailing list, be sure to upgrade to a double opt-in system. This is pretty easy to implement these days (oddly enough!) and is the simplest way to demonstrate that Mr J. Bloggs was indeed fully aware he was consenting to receive your weekly newsletter as the software will record every ‘I agree’ click.

Similarly, be sure to shout about your T&Cs at your opt-in call-to-action; not only will this score you GDPR points for transparency, but it will also help instil trust with your consumers.

Of course, huge GDPR fines and customer data aren’t the only reasons to keep cyber security at the forefront of your mind; cyber crime is always a risk to any business, whether you hold personal data or not. Learn more about the cyber security challenges your business could face, here, and how we can help you become Cyber Essentials certified.

Have you tried turning it off and on again?

Sometimes the simplest actions bring the best results, whereas other problems may seem impossible to fix. We’re here to get everything up and running again in no time at all, also offering straightforward advice to keep your business going from strength to strength.

Get in touch!

IT Support Hull, Leeds, Scunthorpe

Subscribe to our newsletter