Last month, to much fan fair across the media, GDPR became enforceable across the European Union including in the United Kingdom.

As covered in a previous post, GDPR or to give it its full title without acronyms; The General Data Protection Regulation 2016/679 is a regulation in EU law on data protection and privacy, aimed at protecting individuals across the European Union.

So on the 25th May 2018, GDPR became enforceable and hopefully if you run a business you have been planning in advance of this and have taken all the necessary steps. If you haven’t yet addressed GDPR in your business, and taken the necessary actions required, there really is no time to lose.

Potentially it’s true, that the new fines are so astronomical they could cripple most businesses, however if you are making reasonable attempts to comply then this seems to be what the Government are looking for. As reported in the BBC last month, the information commissioner Elizabeth Denham has stressed, “that any action against those who fall foul of the new regulations will be fair and proportionate – and that she is not planning to go after those who show a willingness to comply.”

One of the impacts of GDPR you can’t help but have noticed, and has gained a lot of attention in the media over the last month, is with respect to mailing lists. Those businesses who did not record the origin of the information and/or it’s opt in action, that’s to say the method that it was obtained, and that the person actively consented to receiving information from that business, have been busy flooding email inboxes with notices that their information will be deleted without a retrospective positive opt in. GDPR is however far more reaching than online businesses and their mailing lists, and so it’s important you ensure your business complies with the new regulations too.

Even if your business operates a fairly basic website, with just a contact form, you will likely still have action to take. Furthermore, if your business retains any personal information about customers then again you may have important action to take now. This might include how you use Microsoft Office 365  which now comes with a suite a tools covering this, and can help with GDPR compliance.

What is certain is that GDPR is here to stay, and even post-Brexit will be transferred across into UK law and so, if your business has not already done so, taking action to ensure compliance is absolutely essential.