GDPR: To Panic or Not?! | Merranti Consulting

Panic or Not about GDPR

GDPR: To Panic or Not?

The quick answer is ‘Don’t panic’ but you must be concerned and if you haven’t started your GDPR preparation, now is the time to do so. What everyone knows is the huge fines that can be placed upon you if you are found non-compliant, the £20m or 4% of global turnover (whichever is greater) is a number for every business to take notice of.

“The most significant addition is the accountability principle. The GDPR requires you to show how you comply with the principles – for example by documenting the decisions you take about a processing activity” (https://ico.org.uk/for-organisations/data-protection-reform/overview-of-the-gdpr/principles/ accessed 6 Nov 17) there are numerous aspects that we need to adapt to, the fact of a ‘controller’ being appointed and “the controller shall be responsible for, and be able to demonstrate, compliance with the principles.” (ICO), as part of your businesses plan to get an implementation strategy in position you need to spend time getting familiar with all the new aspects You will need a significant amount of time to do this. One interesting aspect is

“The imposition of a fine is not dependent on the ability of the supervisory authority to establish a causal link between the breach and the material loss (see for example article 83 (6)).

Duration of the infringement may be illustrative of, for example:

a) wilful conduct on the data controller’s part, or

b) failure to take appropriate preventive measures, or

c) inability to put in place the required technical and organisational measures.” (ICO Nov 17), for me, the wording of Failure (b) and Inability (c) would suggest that if your business has not a solid and compliant procedure in place it should be on the Must Do list for this week, yes it will take a while for it to get to SME level, I would suggest do it now! As soon as the first court case hits the news the uptake on GDPR specialists time will become premium, Merranti Consulting has a GDPR specialist team and they can advise and help implement the necessary actions to Ensure You Are Compliant and that you won’t be the famous one getting a potential business ruining fine.

Share: