GDPR Compliance Service

The General Data Protection Regulation (GDPR) will replace the current Data Protection Directive 95/46/EC. This new regulation was approved by the European Parliament on April 14, 2016. It will not apply in the UK until 25 May 2018, but it does require companies to start preparing now.

The government has confirmed that the UK’s decision to leave the EU will not affect the commencement of the GDPR.

Breached companies will find the fines they face have increased dramatically: penalties will reach an upper limit of €20 million or 4% of annual global turnover, whichever is higher.

For many businesses, the threat of insolvency or even closure as a result of GDPR penalties will soon be very real.

The GDPR applies to both automated personal data and manual filing systems where personal data is accessible. Almost any data about a person that is collected may be considered personal data and, as such, fall under the GDPR. This is much wider than the current Data Protection Act’s definition.

Practical Networks Ltd has developed, along with our partners, a single product that can do a full GDPR assessment on your company’s data network. This involves an initial assessment and then a 15-day data discovery and mapping exercise. Once these phases have been completed, we will present a detailed document of the discovered Personally Identifiable Information that is being processed by your company.

If you wish to discuss this further, please complete our GDPR Questionnaire below and someone will get in touch with you.

Or, if you prefer, contact us at gdpr@practicalnetworks.co.uk or call 01723 587240.

Welcome to your GDPR questionnaire

Name
Email
Company
Phone
Policy and Governance

1. Is GDPR non-compliance a concern to your company?
2. Have you put policies and procedures in place to mitigate risks to personal data?
3. Do policies and procedures set clear responsibilities for handling of personal data?
4. Do you provide data protection awareness training for all staff?
5. Do you have a designated Data Protection Officer?
6. Does anyone outside your business have access to your data?
7. Do you have a process in place for data breach reporting?
Business Processes & Data

8. Do you seek direct consent for use of the data from those that you hold data on?
9. For each piece of personal information you hold, do you record the purpose for which it was obtained?
10. Do you have a process for correcting inaccurate records, deleting records or suspending the processing of records?
11. Do you have mechanisms in place that allow the data subject to remove consent for data processing, and do you ensure it is as easy to remove consent as it was for them to give it?
Systems and Technology

12. Has your business established an information security policy supported by appropriate security measures?
13. Are you certain that your data is secure?
14. Is your data accurate and up to date?
15. Do you have a data protection or data privacy statement compliant with the requirements of the General Data Protection Regulation (GDPR)?
16. Do you have documented data retention periods and do these cover contractual and legal requirements?
17. Do you have a security framework in place?
