Does GDPR really matter? It’s fine, I’ve got plenty of time haven’t I? I must aready be covered, surely?
These are just a few of the questions we hear on a regular basis regarding GDPR and the upcoming changes in data protection. And the answers – yes it does, no you haven’t and unfortunately, probably not.
In fact, one of the most honest answers to this question has come from a blog post from David Savage, an associate director and technology podcaster, titled “Why does GDPR matter so much? Because you employ people like me!”
His inciteful blog outlines, very simply and honestly, a few scenarios as to why, as the employer, something which may seem like it’s not your problem, almost definitely is. Our favourite of Savage’s examples? This:
“When I started at my current company I was 22. All of my university friends were in London and the idea of going out on a Wednesday night didn't always seem particularly dumb. If I also went out on Thursday and Friday I was a little tired by the weekend. I'd regularly fall asleep on public transport. Once I fell off my seat on a bus and ended up in A&E, another time I hitchhiked back into London after discovering my ‘phone and wallet had been taken from my boozy unconscious form. We can all fall asleep and leave documents or hardware at risk whatever state we’re in. If that mobile had been my work mobile the breach would be by my employer, not me.”
What that means for you
Yes, it may seem like a bit of a trivial example. But it outlines perfectly just how easy it is to commit a breach. And it can even be extended to inside the office. For example, when personal documents or sensitive information are left in the printer and become accessible to anyone. This is especially of note as GDPR now requires privacy by design, so systems, processes and software must also comply.
And unfortunately, for both these situation, negligence and denying all knowledge just won’t cut it when the fines start rolling in.
So it’s important to remember there are many factors that need to be taken into account. You can read more about GDPR and the key factors you’ll need to take into consideration here. Or why not get in contact for a non obligatory conversation or meeting to find out how we can help ensure your compliance.