Use of cookies. Mouse over here for details.

Use of cookies on this web site: Neil Hesman T/A The Village Websmith collects no personally identifiable data in cookies. However, a number of social media and search engine companies place tracking cookies without our consent or co-operation. If you wish to avoid tracking, please read our cookies policy, where you will find links to resources that will help you set your browser accordingly.
Show Cookies Policy
Accept & Continue
Join Mailing List

The Village Websmith - Selected Blog Item

Search my 'blog
Find word or phrase...
Find posts dated...
24/05/2018: GDPR Becomes law in the UK tomorrow. Final checklist time.

It is now the last day before GDPR comes into effect. Over the last weeks we have been looking at the ways you can make it easy for your business to comply. Mostly, this is about good housekeeping and common sense security measures that most businesses will employ anyway. The only difference is that these have to be formalised in statements and policies.

As we stand on the brink of this brave new world, today, let's have one last look around the room before locking the door and going on holiday. OK, that was a cheap shot at an analogy, but it works for me.

By now, everything should be in place to protect the information of anyone who deals with your business from prying eyes and cyber criminals. Have you:

  • Established the legal bases upon which you hold records?
  • Contacted all existing mailing list members to confirm their consent to contact?
  • De-duplicated your database to ensure that a single deletion is enough to remove any given person?
  • Set up a single, central data source, so that personal data are available to, but not stored on, your mobile and portable devices?
  • Got all the necessary policies and statements showing on your web site?
  • Implemented similar policies in your office, covering devices at home and in vehicles?
  • Nominated a Data Protection Officer/Responsible Person to handle enquiries?
  • Made sure that your backup regime is sufficient for business continuity without storing personal data beyond its delete by date?
  • Checked the physical security of all devices that hold personal data?
  • Made contingency plans to erase devices remotely in case of theft or loss?
  • Ensured that all paper records are held in a secure environment?
  • Put in place a programme of secure destruction for all paperwork records once their purpose has been served?
  • Set up a password change and creation policy to protect the information in your care?
  • Scheduled automatic review and removal/obfuscation routines for expired data?
  • Trawled through your email boxes to remove all out of date personal information?
As always, we are happy to help if you have any questions or concerns at this late stage. Just pick up the phone or click in the header of any page to send us an email.

See more news items in our blog.

Post a comment on this page.Click here to request Information on blog item 178
Share this story
Link to this story (copy/paste):
share us on facebook
share us on twitter
share us on pinterest
share us on linkedin
image link to send our link to a friend
get us to call you back