To help organisations get prepared, Blake Morgan has launched a free GDPR guide on its website.
Bruce Potter, chairman of Blake Morgan, said: “The huge growth of the digital economy in recent years requires a more robust legal framework to ensure public confidence in the protection of information, and organisations now need to adapt to these higher standards.
It is not only reputation that is at stake for failure to comply as there will be a significant increase in monetary penalties. Our data protection and regulatory experts have carefully devised this guide which highlights the most important actions organisations should take to comply and I would urge decision-makers to take a look.”
Action points in GDPR: A Practical Guide to Achieving Compliance include:
Review customer-facing terms and privacy policies. These are likely to need substantial revisions to meet the new requirements.
Review contracts with processors to ensure they have robust provisions around record-keeping.
Ensure that the risk of penalties for non-compliance are fully understood at board level.
If you collect information about children then you may need a parent or guardian’s consent to process their data lawfully. Consent must be verifiable and privacy notices must be written in language that children will understand.