Are you ready for the GDPR legislation?

Read more for an essential guide to the GDPR Legislation, current GDPR news and links to tools that you can use to make your business GDPR ready.

What is GDPR and why do I need to be aware of it?

GDPR Compliance is required by 25th May 2018. Whatever the size of your business, if you hold personal data, you need to be ready for the GDPR Legislation. Here are 10 things you need to know about GDPR.

GDPR Fines

Since May 2010 a fine for a breach of personal data has been capped at £500k. Under the new GDPR Legislation the fines are increasing significantly. From May 2018, the fines will be up to €20m or 4% of turnover, whichever is higher.

Costly Mistakes

Any size of incident can lead to a fine, no matter how small.  As an example, a £120,000 fine was levied under the old Data Protection Act for an email sent to the wrong person by a solicitor.

Reputational Damage

All data breaches are reported via publicly available press releases.  This can have an immense cost to ongoing business viability when customers know their data could have been / could be compromised.

GDPR Management

GDPR compliance needs to be driven by someone who understands the legislation and case law.  It is essential this person oversees compliance across all departments and not just IT systems.

Staff Training


Access Nuvem9’s 10 Things you Need to Know About GDPR Factsheet

A simple to follow guide covering the 10 things you need to know about the new GDPR legislation

GDPR in the News

GDPR News: Most UK firms “struggling” to secure data ahead of GDPR

Boards beware: GDPR is more than mega fines

How will the GDPR impact third-party lead generation?

Consumers ready to exercise rights under GDPR

GDPR: Are you prepared?

Need to take GDPR action but not sure what your next steps are?

We have partnered with Briefed.pro, the GDPR Compliance Specialists.  Briefed have prepared a range of online GDPR training courses written by a Barrister with an extensive knowledge of the GDPR Legislation.

The training is an ideal tool to give your staff the base understanding of the GDPR legislation, increasing awareness of what protection over personal data should be applied in your Company. Certificates of completion are awarded to all users who successfully complete the training.

The training is an excellent tool. We have used it ourselves in our business! There are real-life case studies and 50 post training evaluation questions to enhance the learning. Those who achieve 80% or more in the Briefed Data Protection Awareness Training assessment will receive a Certificate of Excellence.

Via Briefed, we can also offer access to GDPR Policy Document templates and GAP Analysis and Assessment Consultancy to accelerate the implementation of GDPR policies and procedures post training.

Briefed GDPR E-Learning Course (Bronze)

The entry level course, designed to ensure your company meets the GDPR mandatory training requirements.

Content includes:

  • The logic behind data protection legislation
  • Introduction to and history of GDPR
  • Key definitions under GDPR
  • Definitions of the 6 GDPR principles and their practical use
  • The rights of data subjects.

Additional Benefits:

  • Real-life case studies
  • 20 post training evaluation questions.

Certificates of completion are awarded to all users who successfully complete the training. Those who achieve 80% or more in the Briefed Data Protection Awareness Training assessment will receive a Certificate of Excellence.

Price: £25+VAT per Employee

Briefed GDPR E-Learning Course (Silver)

The Silver level e-learning is designed for companies for whom the impact of GDPR will be greater. Those that:

  • Handle larger amounts of data / sensitive data
  • Would be seriously damaged by a publicised breach
  • Would be severely affected by a fine of £17m / 4% of turnover.

Content includes:

  • The logic behind data protection legislation
  • Introduction to and history of GDPR
  • Key definitions under GDPR
  • Definitions of the 6 GDPR principles and their practical use
  • The rights of data subjects
  • Subject access requests
  • The ICO and its powers
  • Data Breaches and how to handle them
  • Risks of a data breach
  • International transfers of data
  • Sample crisis situations.

Additional benefits:

  • Real-life case studies
  • 50 post training evaluation questions
  • Monthly reporting.

Certificates of completion are awarded to all users who successfully complete the training. Those who achieve 80% or more in the Briefed Data Protection Awareness Training assessment will receive a Certificate of Excellence.

Price: £45+VAT per Employee

GDPR Policy Document Templates

Each Data Controller and Data Processor is expected to have enhanced documentation in relation to all data processing activities that the Information Commissioner’s Office (ICO) can choose to audit at any time.

As made clear on the ICO website, the GDPR contains explicit provisions about documenting data processing activities. Organisations must maintain records on things such as processing purposes, data sharing, and retention, and will be required to make the records available to the ICO on request.

Records must be kept in writing, must be kept up to date and must reflect the organisation’s current processing activities.

Briefed has developed a suite of generic templates based on the requirements of the GDPR. These templates can be downloaded and tailored to suit the specific needs of any organisation. These guidance notes describe the key information needed to complete this task.

The following GDPR document templates are available from the Briefed online GDPR shop.

  1. Data Protection Policy
  2. Data Security Policy
  3. Retention and Disposal Policy
  4. Privacy Notice
  5. Subject Access Request Policy
  6. Data Sharing Agreement
  7. Joint Data Controller Agreement
  8. Internal Data Breach Notification
  9. Data Processed Register
  10. Training Register
  11. Device Register
  12. Third Party Data Sharing Register
  13. Subject Access Request Register
  14. Data Breach Register
  15. Near-Miss Register

The GDPR Policy Document contains almost 100 pages of templates.

Price: £495+VAT

Online GDPR Gap Analysis Assessment And Report

Designed by barristers, this online GDPR gap analysis is a cost-effective GDPR solution for small or low risk businesses, which enables you to start your GDPR compliance journey immediately.

The assessment reaches past the hype and drills into what the legislation actually requires from you, so you can stop sorting through conflicting guidance to figure out what to do. It will take you step by step through the key requirements of the GDPR legislation, identify where you are failing to comply and make solid, actionable recommendations that you can easily implement within your organisation.

You will receive a custom-drafted report from a member of our team, who will then consult with you to make sure all your queries are answered.

You get the speed and efficiency of an online product with bespoke advice from a real lawyer.

Best For:

Start-ups or new businesses.

Micro-businesses or businesses who handle little personal information.

Budget-conscious organisations seeking fast, real advice on how to comply with GDPR legislation.

Includes:

  1. A guided online GDPR Gap Analysis Assessment for your business or organisation.
  2. A GDPR report containing key compliance recommendations for your business delivered to you within 7 days.
  3. A complimentary licence to our Silver GDPR online training package.
  4. A one-hour post-report consultation to discuss the findings in your report and help you answer any queries or concerns.

Price: £950+VAT
