Manufacturers and GDPR10/05/2018
Time’s Up, the GDPR Has Arrived!
On 25 May, the GDPR comes into effect, which doesn’t leave your organisation much time to comply—especially if you’ve procrastinated. In fact, one year ago 70% of manufacturers had not yet started to prepare for the GDPR’s arrival, according to a survey conducted by YouGov. This lack of preparedness can leave your organisation exposed to hefty fines worth up to €20 million (£17.5 million) or 4% of your annual global turnover, whichever is higher.
Regardless of whether you’ve not started preparing or are currently working on it, ensure you have the following four bare minimum GDPR compliance documents:
1. Privacy notice, which informs individuals how you will use their personal data.
2. Retention policy, which explains how long you may keep the individuals’ personal data.
3. Data protection policy, which explains how you are complying with the GDPR’s obligation and how your employees will comply.
4. Record of processing, which details how you use personal data. (Note: This is an internal document but must be available to share with the ICO upon request.)
For more information on ensuring that your organisation is prepared and compliant with the GDPR, review the ICO’s 12 steps to GDPR compliance as well as complete its data protection self-assessment.
GDPR, One Year Ago
– 70% of manufacturers had not started to prepare for GDPR.
– 20% of manufacturers admitted that the maximum GDPR fine amount would put them out of business.
– 76% of manufacturers were not confident that they could detect a data breach.
– 72% of manufacturers were not confident that they would be able to alert the relevant stakeholders within the required three day