Plain-English guide to GDPR compliance for UK on-line businesses

Beginning in 2018, EU regulation around data protection becomes a lot stricter and more comprehensive. The new General Data Protection Regulation (GDPR) is an update of the former EU Data Privacy Directive (DPD), design for our modern, hyper-connected world. 

The key phrase in the new data protection regulation is "user-centric control." It is an honest (if ambitious) effort to give end-users back a sense of control over their own data privacy. While the most visibly affected players are the big-name software giants, the fact is that GDPR applies to every business that processes or stores customer data, almost regardless of size. 

How are small businesses in the UK affected? More importantly, how can you as a decision maker ensure that your business is compliant and capitalise on the benefits of compliance? 

As with many things in business, data protection is best thought of as an on-going process of continuous improvement, with the aim of adding value for your customers and for your business. 

"GDPR isn't just a compliance project. It's a business culture change project." ~ Simon McGarr, Data Compliance Europe

We have released a plain English guide that answers the most pressing questions:

  • What is GDPR and how does it apply in the UK?
  • What is the timeline?
  • What sizes and kinds of SMEs are affected?
  • Which areas of the GDPR are of particular concern to SMEs?
  • What is the essence of the main GDPR requirements?
  • How will GDPR be enforced and what are your potential liabilities?
  • How does data protection regulation affect you if you use cloud-based platforms such as AWS?
  • The 7 steps of the GDPR compliance lifecycle
  • What to expect from a data protection risk assesment
  • Further reading and resources

Download the complete document here: "Practical guide to surviving GDPR in 2018: for UK-based on-line businesses"