30 likes | 54 Views
If you're trying to understand the General Data Protection Regulations, the GDPR Gazette can help you. This is Part 1 of our free 12-part course, 'GDPR Essentials'.
E N D
WORRIED BY THE GDPR? Jen was frazzled. Being the training manager for the UK arm of a large, global corporation was really hard work, she had decided. For two months, her life had revolved around the General Data Protection Regulations. Her employers were taking the Regulations very seriously. With a maximum fine of the larger of 20 million euros or 4% of global turnover she had to agree with their concern. Along with the company’s UK Data Protection Officer, she’d put together a training course. She’d been travelling around the company’s UK offices delivering GDPR training to its staff. Now she was back home in London and it was Friday night. She was looking forward to meeting up with her old friend Sue for a girls’ night out later on. With the pressures of work, Jen hadn’t seen Sue for three months. And Sue had been very busy with her own highly-successful recruitment business. Sue: “It’s great to see you. You haven’t been around for ages. What have you been up to?” Jen: “I’ve been busy travelling around the country for the past month delivering training courses on the GDPR?” Sue: “The GDPR, what’s that?”
Jen: “The GDPR are the General Data Protection Regulations. They’re like health and safety regulations for data. They come into force on 25th May 2018 and the maximum fines for non-compliance are eye-watering”. Sue suddenly looked worried. “Will they apply to my small recruitment business or are they only for big companies?” Jen: “The bad news is that the GDPR apply to all organisations holding data. The good news is that it’s a good thing you’ve asked me now. There’s still time for you to get your business sorted out”. Sue: “So what’s it all about?” Jen: “Basically the EU has upgraded its data protection legislation. It’s about time too, as the previous legislation dates back to 1995. Think about how much technology and the data kept on us all has changed since then”. Sue: “You’re right. The internet wasn’t in common use then and smartphones hadn’t even been invented. But I don’t like the idea of large fines. So what do I need to know?” Jen: “OK, let’s start with the basics. Think of the GDPR as health and safety for data. Like health and safety, you’ve got to identify risks, manage those risks and document everything. But there’s a bit more to it than that. The EU is taking data protection much more seriously by making the law a ‘regulation’ rather than a ‘directive’”. Sue: “I get it. But what’s the difference between a ‘regulation’ and a ‘directive’?” Jen. “Good question! Think of it like this. When you were a kid, your mum probably told you to go to the shops ‘to get some afters’ for dinner. What you got was totally up to you. Mind you. If you’d bought a big bag of crisps your mum probably wouldn’t have been too pleased. That’s like a ‘directive’. The EU sets out the law it’d like to see in each Member State, but how each Member State puts the law into practice is up to them”. “On the other hand, a ‘regulation’ is like your mum telling you to buy a specific item for dessert, say a particular brand and flavour of ice cream. You’ve got no choice in deciding what you’re buying. That’s like a ‘regulation’. The same law, the regulation, applies directly in each Member State. So the law is the same in each EU Member State”. Sue: “I get how important this is. But where do I start in applying it to my business?” Jen: “Before you can do anything, you’ll need to understand how the GDPR work. It’s getting late now. I’m free this weekend, so would you like to meet up at your office and I’ll go through the training that I’ve been delivering for my company? What time?”
Sue: ‘”That would be brilliant. Would 9am be OK?” Jen: “That’s fine! See you then!” For Part 2, go to GDPR Gazette’s free course, ‘GDPR Essentials’