New data protection regulations will be in force from May 2018 in the form of GDPR and anybody who stores data needs to be aware of what is coming, what it means for them and what measures they need to add to their websites and data storage procedures to comply with the regulations and in doing so protect their clients’ data.
We’re currently embarking on this process for Tad Web Solutions and happen to be very lucky in that we have access to a security expert who is helping us out with advice and support on how we can review, plan and implement new procedures and processes through small incremental chunks to manage the whole package of GDPR requirements.
Our first step is simply to identify the data we absolutely require to operate the business. As a small business this will be less difficult than some, for instance law firms, who typically store lots of very personal data. We will then be looking at how the data is stored, consent procedures with clients, client access to their own data etc. Throughout developing our own system we will be seeking the advice of our friendly expert and plan to have robust and fully compliant procedures, written, implemented and followed at all times.
This means two things for our clients:
- Once complete we will inform you of our procedures, how you can see the data we hold on you, what your rights are and be asking for consent for data storage as we work with you. The data we store or have access to will vary from project to project depending upon complexity so the exact procedures may vary, for instance if you have a standard brochure website it will be relatively simple but for a complex data-driven website where we regularly add functionality to your systems we may have access to more detailed data and require a more robust procedure.
- We will have developed systems and procedures that can be applied to many other small businesses and we could make these available to you, along with review of your specifics from our expert security contractor to reduce your costs for implementation.
Watch this space as our systems progress we will keep you informed and hope to provide some insights on our approach, issues that were raised and any implications there are for our clients.