GDPR is coming, but the Data Protection Act applies now!

One of the Facebook Business Groups we lurk in had an interesting conversation thread recently that got us thinking…

A person was asking about installing SSL certificates on their website. Their reason was the GDPR rules that will be brought into effect in 2018: they wanted to make sure that their website/data collection was “GDPR compliant”.

Now, GDPR is an extremely hot topic at the moment, in the Press and all over Social Media channels, with the world and their other half offering seminars, books and training courses to help your small business get to grips with the General Data Protection Regulation (oh, and empty your wallet as well, judging by some of the prices we have seen!).

Don’t get us wrong, it is good news that businesses of all sizes are waking up to their responsibilities, but the Data Protection Act applies now, and it is surprising how many Small Businesses don’t/won’t register with the ICO as they don’t necessarily consider their customer details/staff records as data?!

Under the Data Protection Act (which currently applies), the maximum fine the ICO (Information Commissioner's Office) is entitled to levy against a data controller that has breached the legislation is £500,000. Under the new GDPR rules, however, the ICO can impose fines of up to 20 million Euros or 4% of group worldwide turnover (whichever is the greater) against both data controllers AND data processors.

Now, it is understandable that the threat of a large fine is making all businesses look at how they deal with data within their organisation, but is this purely because the fine is getting larger or due to the higher profile of GDPR?

We would highly recommend the ICO website for all things Data Protection Act and GDPR related to help you understand the steps you should already be taking to comply now, as well as what needs to be taken into account for the new regulations next year!

The ICO have set up a telephone helpline for small businesses – 0303 123 1113 – to help you prepare for the new regulations.

Oh, and the original question? We’d recommend that even if you just have a contact form, it is worth going SSL, as it demonstrates to the user and the Search Engines that you take your data seriously!