GDPR recently celebrated its first birthday and so to commemorate the occasion, Crendon Insurance Ltd are taking a look at the successes and achievement the new regulations has gained over the last year and where improvement still needs implementing to improve the GDPR process overall.

Think back to pre GDPR and you realise just how much the Regulation was indeed urgently needed. Pre GDPR, circulating personal data was a concern; however, the vast majority felt that they could do anything about it.  Unwanted and nuisance marketing companies could contact at any time of the day to sell something that was usually of no interest to the receiver of the call/email.  Businesses would not think twice about forwarding and circulating emails which contained a legacy of other email addresses, whilst it was often the case that data stored on servers possibly had not been checked for years.  Back on social media, companies and individuals found it an arduous process to delete posts or comments which they felt were unfairly damaging to their reputation.

All of these factors provided a chaotic melting pot in terms of data protection and one that was sloppy and extremely uncontrollable.

Thankfully the GDPR process is beginning to embark on a new story. Businesses and individuals are beginning to understand what GDPR means in terms of their own companies, how they look after customer data and how they work safely with suppliers.  GDPR has meant that companies have put policies in place and have begun training staff on how to consider GDPR within their daily roles.  They have secured their company websites with an SSL certificate and have evaluated how they capture data for marketing purposes.

Whilst businesses try to understand what the GDPR process means to them and begin to make changes in how they operate there is still a long way to go in implementing GDPR good practice.  Businesses are beginning to make progress, however it is slow.  According to Digital Risk Protection firm ‘Digital Shadows’, over the last 12 months 2.3 billion data files have been leaked online containing information such as bank details, passport data, customer credentials and medical information which demonstrates a 50% rise of leaked files on the previous year.  This is an astronomical amount of compromised data considering that GDPR is now in place and if businesses do not address such issues, they could face fines of up to €20 million, or four per cent of their annual turnover for mishandling personal data.

The GDP Process – How businesses need to change for the future

New GDPR process is about making a conscious effort in everything that we do and how we use data. For companies just starting out, it is fundamentally important that they have the right security in place from day one. For those who have been in business a long time, it is about evaluating systems, finding the loopholes where data could become compromised and continually implementing a cyber security strategy.   The main challenge for business is that GDPR is on-going and that it can’t be a one off tick box solution – systems and operations need to be regularly checked, staff need to be educated and reports need to be carried out, so that changes can be made.

Has your business prepared and implemented GDPR?  Here at Crendon Insurance Ltd we help companies to get a grip on their GDPR process to ensure that they are operating within regulation. To find out more and to run our GDPR business review questionnaire to find out how if your business meets regulation and where vulnerabilities may require attention, please contact our GDPR process team today.

Blogs used to write this article: