Be GDPR Compliant
Is your business GDPR ready?
are you GDPR ready?
The European Union General Data Protection Regulation (GDPR) significantly increases the responsibilities and obligations for businesses and organisations in how they collect, use and protect personal data. Failure to comply with legislation may result in maximum fines of 4% of global revenue or €20 million, whichever is greater.
What GDPR means for your business
Businesses must refresh all consents if they don’t meet GDPR requirements. Consent given must be specific, positive opt-in, freely given, granular and separate from terms & conditions.
Data Breach Notification
Data controllers must notify the supervisory authority of a data breach with 72 hours or in cases of increased severity without undue delay. Failure to notify can result in significant. fines
Data Protection Officer
Businesses must appoint a DPO if they are a public authority, carry out large scale systematic monitoring of individual personal and sensitive data, or data related to criminal convictions and offences.
Rights to the Individual
GDPR confers new and greater rights to individuals, giving them greater control over the processing of their personal data Their rights and information relating the processing of their data must be mapped out clearly in the privacy notice..
Protection by design
Businesses and organisations will need to introduce technical and organisational measures to ensure that data privacy and protection is at the heart of all their future actions when processing personal data.
Subject Access Request
Individuals can request access to all of the personal data that you hold on them along with confirmation on how their data is being processed. This must be provided within one month and free of charge.
Our Practical Approach to GDPR
Reaching compliance can take time so it is key to have the best plan in place. Our consultation process takes you from initially understanding your current GDPR situation and supports you through to compliance. This creates clarity throughout the complete journey
We provide individual, group and public sector GDPR training. Our GDPR courses range from GDPR awareness to intensive training for Data Protection Officers. We offer specialist courses in GDPR Readiness, Data Audits, DPIAs and GDPR Privacy Notices. We also tailor training courses to meet your organisational needs.
Our experience and expertise provides the complete, end to end, practical GDPR solution for all sectors from assessing your GDPR Readiness to developing a GDPR Roadmap, successfully implement the processes and procedures to achieve and maintain GDPR compliance.
GDPR Readiness Assesment
The first step to compliance is to determine the GDPR readiness of your business or organisation. This is carried out by arranging an onsite consultation with key members of your staff. Format Data then prepares a GDPR Readiness Audit Report with recommendations to reach compliance. We also offer training courses to teach you how to carry it out on your own
Company Data Audit
GDPR places an obligation on to conduct a Data Audit on data processing activities. We teach you how to conduct a Data Audit to identify areas of risk in your data processing activities and enable changes needed prior to GDPR coming into operation. Format Data also assists organisations to put in place new record keeping obligations under GDPR.
Data Protection Impact Assesment
Organisations and businesses are required to take a risk based approach when they are processing personal data. Format Data teaches you how to conduct a Data Protection Impact Assessment which will enable you to identify and respond to risks, thus ensuring compliance with GDPR and reduce the risk of reputational damage.
Policies and Procedures
Organisations are required “to be responsible for and be able to demonstrate compliance”. A GDPR toolkit of documents, procedures and tools which are GDPR compliant is available to buy through Format’s website or free with some of our online GDPR courses. We also offer a boutique service to create all of your policies and procedures.
Privacy by Design
Privacy by design includes product development, software development, IT Systems and services. Format Data assists businesses and organisations to incorporate personal data protection and privacy throughout the whole product, service or systems design process. In the process this can also improve the efficiency of systems within a business.
Data Breach Management
Format Data assists businesses in creating a system for detection, investigation, reporting and communication in relation to data breaches.. You can also attend one of our GDPR training courses to learn the practical steps of putting a data breach management plan in place.