Many businesses, including ours, have already started to review internal systems and processes to identify what changes will be necessary to comply with GDPR.
It is our expectation that every organisation will need to implement some change. Over the next 12 months we will be working with businesses and charities to help them get ready for the new data protection regime.
The process of getting ready for GDPR will involve a change in mindset and approach as well as systems and documentation.
We are encouraging everyone to start looking at this now and to spread the load, which will make the task in hand a lot more manageable and give time to embed the changes well in advance of May 2018!
GDPR is an evolution, not revolution. The Data Protection Act already requires that data is processed fairly and lawfully, so charities shouldn’t have too much more to do. So don’t panic – take it as an opportunity to review how you process data already and make sure you’ve got plans in place to make any changes that you need to be ready for next May.