Written by

Bernard Marr

Bernard Marr is a world-renowned futurist, influencer and thought leader in the fields of business and technology, with a passion for using technology for the good of humanity. He is a best-selling author of over 20 books, writes a regular column for Forbes and advises and coaches many of the world’s best-known organisations. He has a combined following of 4 million people across his social media channels and newsletters and was ranked by LinkedIn as one of the top 5 business influencers in the world.

Bernard’s latest books are ‘Future Skills’, ‘The Future Internet’, ‘Business Trends in Practice’ and ‘Generative AI in Practice’.

Generative AI Book Launch
View My Latest Books

Follow Me

Bernard Marr ist ein weltbekannter Futurist, Influencer und Vordenker in den Bereichen Wirtschaft und Technologie mit einer Leidenschaft für den Einsatz von Technologie zum Wohle der Menschheit. Er ist Bestsellerautor von 20 Büchern, schreibt eine regelmäßige Kolumne für Forbes und berät und coacht viele der weltweit bekanntesten Organisationen. Er hat über 2 Millionen Social-Media-Follower, 1 Million Newsletter-Abonnenten und wurde von LinkedIn als einer der Top-5-Business-Influencer der Welt und von Xing als Top Mind 2021 ausgezeichnet.

Bernards neueste Bücher sind ‘Künstliche Intelligenz im Unternehmen: Innovative Anwendungen in 50 Erfolgreichen Unternehmen’

View Latest Book

Follow Me

Here Are 8 Things Every Business Needs To Do Now To Get GDPR Ready

2 July 2021

May 25th is just around the corner, which means your business needs to be ready to comply with the General Data Protection Regulation (GDPR). This regulation was approved by the EU Parliament in April 2016 and will begin to be enforced from May 25, 2018 and matters to any company anywhere in the world that stores or processes data of people who live in the European Union. Companies who aren’t in compliance will face hefty fines – up to $24million (20m Euros) or 4% of annual global turnover, whichever is higher. The intent of this legislation is to protect the data privacy for EU citizens and create consistent data privacy laws across Europe. You’re ahead of the game if you’re already complying with the Data Protection Act (DPA), the predecessor to the GDPR. Here’s what every business needs to know about the new elements of GDPR.

Review the GDPR and assess its implications for your company

Every company should familiarize themselves with the elements of the GDPR and make note of the changes that might have the biggest impact on your organization. Since the Information Commissioner’s Office (ICO) is working closely with trade associations and representatives of various industries, these entities will become an important resource for companies in each industry to help navigate the GDPR changes that are critical to them.

Highlights of Key Changes

Every organization should assign responsibility to someone on their team to read the provisions of the GDPR to become familiar with the requirements and how they pertain to your specific circumstances. However, here are a few key changes:

  • Regardless of where your company is located and processes data, you are still required to comply with the regulation.
  • Penalties for non-compliance apply to controllers and processors and a breach of the regulation can cost a maximum fine of 4% of annual turnover or up to 20 million pounds, whichever is greater.
  • There are new strict parameters for getting consent to use data that require an intelligible and easily accessed form that uses clear and easy-to-understand language. Withdrawing consent must be equally easy.
  • Breach notification needs to be done within 72 hours of becoming aware of the breach.
  • The right to be forgotten allows for individuals to request their personal data be erased, stop dissemination of the data and halt third parties from processing the data.
  • The GDPR allows the individual to request and receive their personal data and transmit it to another data controller.
  • Although the privacy of design provision has existed for years, the GDPR makes it a legal requirement that data protection must be considered when designing a system and not an addition or afterthought.
  • Some companies will be required to appoint a data protection officer (DPO).

What should you do to get ready for the GDPR?

1. Assess what needs to be done in your organization

Review the requirements of GDPR to understand the implications for your organization and be sure to update decision-makers about what changes need to be made. For some organizations, changes will need to be made that impact several departments so the sooner you get everyone on board the better.

2. Information audit

Audit what personal data you collect and store, where it came from and who you share it with. One of the requirements of the GDPR is to record your processing activities and have effective policies and procedures in place.

3. Update your privacy notices

Most likely you will need to update how you communicate to your customers how you will use any personal data you collect to be compliant with GDPR. In addition, your privacy notice needs to explain the lawful basis for processing personal data.

4. Data portability

Since many of the individual rights outlined in GDPR already exist with the Data Protection Act, if you are already following those requirements there shouldn’t be a significant amount of effort necessary to comply with the new regulations. However, this does offer a good time for you to review your current procedures to be sure all is covered. Also, the data portability component is new, so consider how your systems would handle an individual’s request to get their data in a commonly used and machine-readable form.

5. Access requests

Verify that you can accommodate the new mandates about dealing with data access requests in 30 days.

6. Consent

Review these detailed instructions on consent provided by the Information Commissioner’s Office. This covers how you seek, record and manage consent. Consent is not assumed from silence or inactivity, it must be verifiable.

7. Children’s data

The GDPR outlines special protections for children’s data, so consider if your systems are accurately verifying ages and getting parental or guardian consent for children before processing data.

8. Data breaches

How would you handle a data breach in your organization? Now is the time to consider your current process and compare what you do with the requirements of the GDPR.

There has been some confusion and overwhelm by company leaders around these new regulations. The sooner you get your arms around the specific details that will impact your organization the better you will be in May.


Business Trends In Practice | Bernard Marr
Business Trends In Practice | Bernard Marr

Related Articles

Generative AI: The Secret Weapon Of Successful CEOs

Remember how amazed we were when ChatGPT made its debut just a year ago? Well, as we’ve since learned, that was only the beginning.[...]

Virtual Reality, Real Business: The Impact Of The Metaverse On Companies

Metaverse has undoubtedly been one of the most talked-about concepts of the year. At the start of 2022, the focus was on Facebook’s surprise re-branding of itself to Meta Platforms.[...]

The Future Of Medicine: How AI is Shaping Patient Care And Drug Discovery

One of the most exciting aspects of AI is its implications for healthcare. Today, doctors and other medical professionals routinely augment their human skills and experience with the help of intelligent machines.[...]

Navigating The Future: 10 Global Trends That Will Define 2024

We’re approaching the mid-point of a decade in which we’ve already seen significant global transformation.[...]

Unlocking The Future Of Learning: How XR Tech Transforms Education

In the metaverse era, education as we know it will change. And I’m not just talking about formal education in schools, colleges, and universities – but also workplace learning and lifelong learning.[...]

2024 IoT And Smart Device Trends: What You Need to Know For The Future

By the end of 2024, there are projected to be more than 207 billion devices connected to the worldwide network of tools, toys, devices and appliances that make up the Internet of Things (IoT).[...]

Sign up to Stay in Touch!

Bernard Marr is a world-renowned futurist, influencer and thought leader in the fields of business and technology, with a passion for using technology for the good of humanity.

He is a best-selling author of over 20 books, writes a regular column for Forbes and advises and coaches many of the world’s best-known organisations.

He has a combined following of 4 million people across his social media channels and newsletters and was ranked by LinkedIn as one of the top 5 business influencers in the world.

Bernard’s latest book is ‘Generative AI in Practice’.

Sign Up Today

Social Media

0
Followers
0
Followers
0
Followers
0
Subscribers
0
Followers
0
Subscribers
0
Yearly Views
0
Readers

Podcasts

View Podcasts