GDPR Non-compliance

[fluffybunny]

Speaking as a business owner of an IT security business(20 years in security, 35 in general IT with plenty of employees) that is fully GDPR aware, and has implement GDPR and PECR fully even to the point of implementing no cookies, no personal data, no tracking.
I am wondering why so many companies seem to be having a hard time of grasping GDPR, or see it as a tick box exercise , or seem to believe they can call themselves GDPR compliant ignore the law and carry on as before.
Only today I encountered one company asking for help with a marketing list that ran into millions, when i asked if they had opted in, and if proof was collected, the answer was yes. When i asked them under GDPR to show that there was unmitigated panic.
There is no need for panic so long as you put the customer and their data needs first. The only time you have a problem is when you try to put your own businesses needs first, and i see plenty of that type of self-delusion going on.
Thoughts?

 

[Hitesh Mistry]

Completely agree.

People talking about GDPR are emphasising on the consequences etc. They are using fear - which is making businesses worried.

If businesses stop, think and look at what Personal Data they have as a starting point, everything else falls into place.

Conducting a Data Audit will show businesses what is required and steps for mitigation.

Change always causes panic, especially when it's driven by an external factor.

 

[Awinner2]

Can anyone give me a link that will show me in simple terms what is required to be fully compliant?

 

[fluffybunny]

Yes search for "ICO GDPR" and its the first link after any adware links.
There are many checklists online but as long as you stay away for marketers organisations and their delusions and stick with the ICO you wont go far wrong.
Remember it isnt a tick box thing, its an ongoing process.

 

[Awinner2]

Thanks for the replies. I notice that the regulations apply to organisations. But I cannot find how an organisation is defined. My point would be does this apply to a sole trader operating a websites. Where it is common to have emails collected via optin forms for example

 

[fluffybunny]

Yes it applies to sole-traders.There is no exemptions to GDPR

 

[AllUpHere]

I find most conversations on the subject seem to be much more about finding loopholes and ways around it, rather than working out how best to comply with the spirit of the regulations.

 

[Jan Marc]

Low Cost GDPR help me to comply. They are offering templates kit. I searched for the most affordable and I found Low Cost GDPR.

 

[Jan Marc]

Can anyone give me a link that will show me in simple terms what is required to be fully compliant?

You can visit Low Cost GDPR