Reasons to choose Wilson Browne
Here’s our top 5 tips to ensure your data processes are compliant.
- Keep personal data organised – Know where your personal data is kept so that you are able to quickly respond to a data subject access request. This also demonstrates an intention to keep personal data organised and secure should the ICO (Information Commissioner’s Office) ever investigate your data protection processes.
- Keep it secure – Ensure that appropriate security measures are in place depending on where personal data is stored. If stored electronically, have anti-virus software in place and ensure computers are password protected. If stored on site, consider investing in fire-proof storage and in any event, ensure offices are locked and secure outside office hours. Recording the safety measure you have in place is another useful way of demonstrating compliance to the ICO.
- Review your privacy policies – As technology advances, new types of personal data may be created. The GDPR requires you to review your data protection processes and the types of personal data that you hold on an ongoing basis. If a business starts processing a new type of personal data, ensure that your privacy notice is updated accordingly to include this new information.
- Consider data retention- Organisations should only hold on for data for as long as is necessary. Make sure there is always a clear business reason for storing personal data, and set out your data retention policy in an easily accessible document that data subjects can review. Again, periodically review the personal data that you hold and securely dispose when this is no longer required.
- Speak to a qualified legal expert should you have any GDPR-related queries. Wilson Browne Solicitors provide expert legal advice on GDPR compliance, tailored specifically to your business.