The GDPR: Is your business ready?

Despite the furore of Brexit over the last 18 months, we’re not yet out. As such, we’re still part of the legal behemoth that is Europe.

For many of us, EU laws get passed without much fanfare, and we rarely find out how a change in legislation affects us until we rely upon it or it’s used to our disadvantage.

As a consultancy, we support the needs of companies wanting to make sure that their processes are legal and efficient. Right now we’re working with clients to make sure that the employee data they store is compliant with current and incoming legislation.


So, the complex description of the GDPR:

The General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679) is a regulation by which the European Parliament, the Council of the European Union and the European Commission intend to strengthen and unify data protection for all individuals within the European Union (EU). It also addresses the export of personal data outside the EU. The primary objectives of the GDPR are to give control back to citizens and residents over their personal data and to simplify the regulatory environment for international business by unifying the regulation within the EU. It becomes enforceable from 25 May 2018 after a two-year transition period and, unlike a directive, it does not require any enabling legislation to be passed by national governments and is thus directly binding and applicable.


Businesses urged to ‘seriously think about overhauling’ data processes – or risk falling foul of the regulations

A fifth (21 per cent) of people plan to use their rights under the incoming GDPR to ask their employer or ex-employers to delete their information, research has revealed.

A poll of 2,000 consumers by data analytics company SAS also found that a similar proportion of people (22 per cent) intend to use the new laws to access the data their employer holds on them, and 21 per cent would seek out human intervention rather than an automated process for performance reviews.

The GDPR will enhance data protection laws and create a range of new responsibilities for those who hold personal data. Penalties for breaches could be up to 4 per cent of organisations’ annual turnover or €20m, whichever is greater.

Other studies have suggested that the new rules are proving problematic for employers, with research from Gartner warning that at least half (50 per cent) of companies will not be fully compliant with the regulations by the end of 2018.

The GDPR will still challenge employers and they will still need to comply with a multitude of data requests from employees. For many employers, old legacy IT and data systems may not be up to the task – this makes it all the more important to ensure that company data is kept clean and easily accessible in case these requests start to come in.


We are currently consulting with companies that are hoping to use the GDPR to their advantage in improving their systems by better managing their employee data. With our five-point action plan, we can begin to understand how best to approach the change in legislation:

1. Start Understanding Your Data

2. Weed Out the R.O.T

3. The Right Time to Move to Cloud

4. Find Out Who Really Wants to Interact With Your Organisation

5. Greater Clarity, Less Room for Error

If you would like to find out more about how we can assist you in ensuring that you are managing employee systems and processes in a compliant or legal manner, give us a call on 03300 53 56 00 or email us. We’d love to talk over a coffee and tell you about how we do what we do.


Staff One manages the data of over 400,000 individuals and is compliant with ISO9001, 18001, 27001 and GDPR standards.

