The General Data Protection Regulation has been described as the most significant overhaul in data protection in a generation.
Statistics suggest that the majority of organisations are still not prepared, despite the prospect of irreparable reputational damage and a fine of €20m or four per cent of worldwide annual turnover if they do not comply.
James Sinclair is co-founder of EnterpriseJungle, which works with some of the biggest companies in the world including SAP, Lufthansa and HSBC.
The company’s HR solution helps large businesses manage alumni and retirees to increase talent pools and reduce internal costs.
Sinclair says the firm was able to rely on the vast expertise of its customers and use their guidelines to build its own policies.
“Given that GDPR leaves much to interpretation, and says that companies must provide ‘reasonable’ levels of protection for personal data, we were able to work with the in-house team of some of our large customers to define what we collectively believed to be ‘reasonable’ when building our policies,” he says.
Chris Hunter, director at systems integrator and telecommunications specialist HM Network, adds: “We actually ended up terminating some agreements with businesses we worked with who couldn’t demonstrate that they’re at least on the right road to compliance or that they’ve got any regard for it.”
Kate Lewis of GBG says that true compliance can only be achieved through a collaborative and transparent approach with suppliers and customers.
“The key to achieving GDPR is accountability, which requires training, awareness, clear processes and then ongoing monitoring to ensure we are doing the right thing.
“In my view, it’s only when the last third party you engage with achieves GDPR compliance that you can legitimately claim your business is GDPR compliant.”
Cloud hosting firm UKFast is providing free GDPR pocket guides containing valuable resources and guides from industry experts to help support businesses.