With just days left until the impending date of May 25th when GDPR officially launches, just how prepared is your business? Without a real helpful official guideline document or checklist to work through and tailor, it has been a dark and blind alley process for a lot of smaller companies wondering where to start with this Goliath, with bigger businesses having the budget to draft in expensive legal teams to take care of the process on their behalf and get the agreements into action much sooner. It hasn’t been plain sailing for everyone though; reading and hearing statements from larger companies across the country that have struggled to grasp each and every angle that needs to be covered legally, GDPR has given many a headache to those working on the subject.
There have been many IT packages rebranded towards GDPR to capitalise on those who have left it late or need a helping hand, and it’s no surprise that these come at a hefty price. With every single B2B and B2C that a company deals with, written agreements with specifications, tasks that are performed and data being stored need to be drawn-up and signed off by both parties. As you can imagine, with non-legal professionals handling this, there could be many pitfalls for GDPR officials to pick up on. However, if the business is shown to be working towards compliance and can prove that they have taken steps to ensure that both personal data and computer based data is firmly locked and secure then this is said to be enough to pass. Companies that fail to meet this level of compliance will risk mountainous fines of 20 million Euros or 40% of its worldwide turnover – depending on which is higher.
It will be interesting to see just how strict GDPR officials are when May 25th hits. With many a company sweating on final day preparations by getting procedures and contracts in-place and IT introducing and testing security measures, GDPR has been an unpleasant project monster, slowly creeping up on businesses out of the dark depths.