What is GDPR?

The General Data Protection Regulation (GDPR) is the biggest shake-up of data protection regulation in more than twenty years.    Drafted with today’s technology in mind, the GDPR will bring data protection regulation into the 21st century.

We need to be compliant with the new regulation when it comes in to effect on 25th May 2018.

What does it mean?

It is a seriously complex piece of legislation, but in general, it’s a good thing.

It means that all of us – employees and customers – have rights when it comes to how our data is collected, stored and used.

Complying with these new rules is not only a legal requirement, it it the right thing to do for our customers and our people

Who does the GDPR effect?

Any organisation that handles EU citizen data is affected

What happens after Brexit?

The UK will have to comply with the new Data Protection Bill, which is very similar to the GDPR

What information is covered?

Any information about an identifiable, living person, which includes identifying information such as name and email address, plus special categories of information such as an individual’s physical or mental health, ethnicity or religion.

Have the main data protection principles changed?

The principles have changed slightly

Personal information must be:

  • Fairly, lawfully and transparently processed
  • Collected only for specified, explicit and legitimate purpose
  • Adequate, relevant and limited to what is necessary
  • Accurate and kept up to date
  • Held only for the minimum time necessary
  • Secure

How does the GDPR affect reporting data breaches?

Any suspected data breaches should continue to be reported immediately to a lead/team responsible for data protection. But there are new regulations on penalties in place for data breaches and also for failing to notify the Office of the  Information Commissioner of a breach

What are the penalties for non-compliance?

Organisations can be fines up to 4% of their annual global turnover.  However, it is not just the fines you need to think about, it is the negative impact it could have on your organisation’s reputation which could result in negative publicity of your name and brand.

What should you do to ensure your organisation is GDPR compliant?

You should have a project team or lead person looking at this across the whole organisation.  You should ensure that any changes will be relevant and workable.

GDPR at a glance

There are six key areas covered by GDPR:

  • Increased fines for non-compliance
  • Explicit informed consent   
  • Increased transparency              
  • Privacy by design
  • Enhanced governance              
  • New and enhanced rights 

With GDPR only days away, is your business going to be compliant?  

Get started on YOUR GDPR compliance journey before it’s too late.

If you are still unsure whether your organisation will be compliant on time you might like Go Compli to assess and advise on any compliance gaps.
Please contact us at

Our GDPR Health Check Audit will provide you with a sound basis for assessing 80+ compliance areas in relation to your organisation’s information privacy and security risks associated with the GDPR.

Go Compli can also assist you to implement GDPR compliance across your organisation with our expert Implementation Support package to review and revise existing documents or even draft new policy documents.

Ask us about how you can develop your information Governance Policy and Strategy to ensure ownership of data protection principles sits at the top level of your organisation and filters through to all your employees, contractors, agents and partners.

Go Compli offer Bespoke Staff Training. Our qualified GDPR practitioners can deliver training specific to your organisational needs in the classroom or online.

For further guidance on our GDPR Health Check Audit, or to discuss any of your GDPR compliance requirements, contact our data privacy advisory team on 07736 351 049 or 07944 448 157 or email us at enquiries@gocompli.co.uk

Contact us for more information or request a no obligation consultation

There is a lot to be done, so don’t get caught out.