Some new European legislation is looming, the MiFID II and GDPR…what does that mean for businesses.
March 2018, GDPR (General Data Protection Regulation) will arrive. This new legislation adds to the existing 1998 Data Protection Act. Although GDPR is on the radar for many larger businesses, it’s not so familiar with smaller ones.
Regardless of the size of your business, the regulation expects more proactive approaches to data protection and privacy.
Indeed, the larger corporates may see smaller businesses a higher risk if they can’t demonstrate data processing control and be failing to do so could mean a fine (equivalent to 4% of turnover). It states that personal data shouldn’t be kept for any longer than needed, which is a bit unsure. In an ideal world, a company should strive for absolute security as it’s very important for businesses to have access to an infrastructure.
There needs to be a clear divide between the recording of business and non-business calls, which can be an infringement of GDPR. Ensuring that business calls have a destined business number and personal calls are separate by using another non-business number, for example.
UK data protection standards would have to be equivalent to the EU’s GDPR framework. Meaning companies will need to get ready and prepare for both pieces of legislation.
To keep things simple and to summarise, make compliance high on your businesses agenda, no matter what size company you are!
For more information about GDPR please visit: https://ico.org.uk/for-organisations/data-protection-reform/overview-of-the-gdpr/