GDPR (General Data Protection Regulation)
General Data Protection Regulation or GDPR was the first major change to the Data Protection Act in over two decades. The first real all encompassing act to also cover digital media - this change hands back power to the individual.
From now on it's all about obtaining "consent" to use personal data - and being very clear in what you will do with a persons data where consent is given.
Whilst many organisations will have seen the headlines from the likes of ICO and the fines they can impose; maximum fine now reaching the higher of €20m (£17.5m) or 4% of the company’s global turnover. It is often underplayed the significant positive impact, being GDPR compliant , can bring.
By conducting Privacy Impact Assessments (PIA) and workflow mapping, it is a great way to identify and minimise unproductive/irrelevant tasks which have built over time.
In addition, reviewing and updating your own policy documents also ensures a fully closed loop to this sensitive topic - which gives a real confidence to your customers.