GDPR is Here! Manufacturing Business Checklist
Time’s Up! GDPR has Arrived!
On 25th May GDPR comes into effect, which doesn’t leave your business much time to comply – especially if you’ve procrastinated. In fact one year ago 70% of manufacturers had not yet started to prepare for GDPRs arrival, according to a survey conducted by YouGov.
This lack of preparation can leave your organisation exposed to hefty fines of £17 million, or 4% of your annual global turnover, whichever is higher.
Regardless of whether or not you’ve started preparing or are currently working on it, ensure you have the following four bare minimum GDPR compliance documents:
- Privacy Notice, which informs individuals how you will use their personal data.
- Retention Policy, which explains how long you may keep the individual’s data.
- Data Protection Policy, which explains how you are complying with the GDPR’s obligations and how your employees comply.
- Record of Processing, which details how you use personal data. (Note this is an internal document but must be available to share with the ICO on request)
Managing the Risk of GDPR
Not only was the manufacturing industry unprepared for GDPR a year ago. Also, 20% of manufacturers admitted that the maximum GDPR fine would put them out of business and 76% were not confident they could detect a data breach.
Their worries are well founded. We reported recently that in 2017 81% of large UK businesses and 60% of small companies suffered a cyber security breach.
Even if you aren’t affected directly, consider your supply chain. If one small subcontractor comes under a cyber-attack, it could derail a huge contract through lost time or stolen business information and documents.
As well as working to comply with GDPR regulations, business leaders must also work to manage their risk and to ensure they have appropriate cover and a robust cyber-insurance policy in place.
Most policies provide coverage in the event of a breach and may also extend to cover damages to your company’s reputation, provide advice on handling cyber attacks and crisis management.
Our Cyber team can help advise you on the level of cover and best policy. Contact us for a free, no obligation quote or for some advice on the issue.