That’s the question chartered accountants and business advisers PKF Francis Clark and solicitors Stephens Scown will be asking at a one day seminar on the 27 July. The day is aimed at businesses who may have put GDPR measures in place and those who have yet to take action and is designed to check GDPR compliance and to offer businesses a guide through the minefield of information and myths surrounding the regulation.
The EU General Data Protection Regulation (GDPR) is one of the most important changes to data privacy in 20 years. The regulation came into effect on 25 May and regardless of Brexit, all UK organisations’ handling personal data need to comply with it.
Earlier in the year, research by the Federation of Small Business found that around two thirds (68%) of smaller businesses had either not started or were only in the initial stages of GDPR preparation. Worryingly, only eight per cent of small businesses had completed their preparations at that stage. Where previously the UK Data Protection Act 1998 ( DPA) carried a maximum fine of up to £500,000 for serious breaches, under GDPR fines of an upper limit of 20 million euros or 4% of annual global turnover are now enforceable.
‘The GDPR one day practical guide to compliance’ is aimed at owners, directors and managers of businesses that collect and process client or prospect data. It will focus on GDPR from a ‘hands- on’ point of view allowing attendees to understand their obligations and action them. These include:
- Assessing the risks to your business for non – compliance
- How certifying to the IASME governance standard provides a business with a system for managing the controls which protects personal data
- Your responsibilities to implementing controls such as training staff, dealing with incidents and handling operational issues
- Useful materials to help your business become compliant.
The workshop will be led by Ben Travers Partner and Head of IP/Data Protection at Stephens Scown and Richard Wilding, Head of Cyber Security at PKF Francis Clark.
Richard Wilding said: “GDPR is not a ‘one off’ box ticking exercise but the start of a compliance journey for a business which requires a complete review of a businesses’ data, IT policies and procedures, contracts and processing activities going forward.
“Our one – day practical seminar will help businesses quickly determine whether they are compliant and if not what changes they will need to implement to become so. The focus will be on real – life situations and our experts will be on hand to guide delegates through the process taking on board their individual circumstances.”
The Workshop takes place at the Devon Hotel, Exeter EX2 8NU on Friday 27 July 2018 10 am – 4pm. Cost per delegate is £495 +VAT. A networking lunch is provided. You can reserve your space by visiting the Eventbrite site here