Don’t make these 7 common GDPR mistakes?

During the many years of reviewing company documentation, we find there are a few common GDPR mistakes being made.

1) Businesses are still following the Data Protection Act of 1998, however you should review your polices and update these to reflect the UK Data Protection Act 2018

2) When GDPR came into place, businesses updated their privacy policy, however neglected to review other polices that also refer to data usage and did not implement a separate GDPR policy to be compliant.

3) Many businesses have a retention clause in their data protection policies, however do you have a process in place to ensure that you are sticking to these promises?

4) We all send and receive hundreds of emails daily, however do you check the content and recipient first? Are you sending personal or sensitive data in the body of an email and not in a protected attached file?

5) Employees now have the right to request to see information that you hold for them, do you have a subject access request policy? Do you stick to the 30 days rule and plan this into your workload, or do you forget and rush at the last minute to scramble the data together?

6) Do you have a policy to show who is data controller or data processor, do your employees know who these individuals are, and the responsibilities that these positions hold?

7) 80% of Data Breaches are from human error, have you trained your team on GDPR regulations and ensured that they have the tools that they need to be compliant?

In Conclusion

Being GPDR compliant is absolutely crucial in this day and age. MP Human Resources have the skills and resources to ensure your documentation is compliant. Avoid the above common GDPR mistakes by working with MP Human Resources.