Are you ready for the General Data Protection Regulation?

August 31, 2017 SSP Marketing

Many of you are probably aware of the changes in data protection legislation coming into force on 25 May 2018 through the General Data Protection Regulation (GDPR) — the new framework regulating data protection for individuals within the EU.

Are you ready for the GDPR

As the GDPR is a set of European regulations, there is a question over its implementation in the light of Brexit.

Nevertheless, the advice from the government and the Information Commissioner’s Office (ICO) is to fully prepare for it in any case, particularly for companies keen to continue to trade with the EU.

What does it mean for you? 

The GDPR strengthens and widens current data protection legislation, and there are some significant new elements and features to be mindful of.

The regulators can issue larger fines for breaches of the legislation.  These can be up to 4% of the total worldwide annual turnover of the breaching organisation or 20 million euros, whichever is higher.

Data subjects also have new and enhanced rights over the personal data that you keep, so you need to ensure that your procedures will cover, and demonstrate compliance with, all of these. This includes the right to be forgotten and for a data subject to receive their personal data in a portable format.

What does it mean for SSP?

There are two main areas of work for SSP:

  1. Ensure that we are compliant with the regulations in terms of the personal data under our care.

    This covers everything from how we handle and process our customers’ client data, and the design of our software and services, to our security systems and other safeguards.

  2. Ensure that the requirements of the regulations are built into our software to enable our customers to be compliant.

    Our customers need software that will help them to comply with all aspects of the legislation, such as the right to be forgotten. This is where an individual has the right for all information about them to be removed from a data controller’s systems.

What we are doing?

A programme of work has been started to ensure that our products and services help our customers to be GDPR-compliant. This will involve working with our customers, regulators and other industry bodies to clarify how the legislation will be interpreted in practice. The programme will allow for a robust testing period from the start of 2018 that will enable SSP and our customers to be ready and compliant by the time the regulations come into force in May.

As we continue to work through this programme, we will keep you informed of the latest developments through regular updates.

Further reading

In addition to the EU’s GDPR website (www.eugdpr.org), the ICO has set up a data protection reform site which contains information and guidance about GDPR and preparing for it: www.ico.org.uk.

As well as reviewing the 12 steps to take now on the ICO’s website, you may wish to limit the risk of other breaches of the GDPR when it comes into force in 2018.

This article is an extract from SSP eye issue 10

Previous Article
Join us at Money Marketing Interactive Harrogate 2017
Join us at Money Marketing Interactive Harrogate 2017

After a successful event which took place earlier in May this year, Money Marketing’s flagship conference, ...

Next Article
An insight into SSP Workflow
An insight into SSP Workflow

We caught up with Craig van Zeyl, founder and CEO of e5 Workflow, to better understand the application and ...

Learn more about SSP solutions

Learn More