
How small business can defend against GDPR


GDPR may be the biggest current buzzword for everyone involved in business, especially as the countdown to 2018 looms, but there really shouldn’t be any reason to fear it. May 2018 will introduce tighter data protection rules in a list of articles titled the General Data Protection Regulation (GDPR), which will change the way that organisations collect, store, and use data.

GDPR will affect data discovery and data classification: companies should ascertain where every piece of data comes from and how it is stored, and then identify whether or not it is deemed private data (e.g. addresses, names, bank details). Many companies that use cloud storage for their data may face the difficult task of amalgamating all the data principles and ensuring that they comply with the data regulations. There are several things businesses can do to mitigate breaches, and many are putting procedures in place now in readiness for the move. One such method, which provides added protection throughout, is the use of a web application firewall to prevent cybercriminals from taking advantage of web applications to access company data. Firewalls can help data remain secure and prevent any breaches in a world where business is increasingly cloud-based.

GDPR will also affect what businesses can ask of potential customers or clients who may be freer with their data than they should be. The onus returns to businesses to ensure people are not giving away any data they don’t need or want to. For example, customers will have to opt into marketing emails to be added to databases for direct mail, as opposed to the current opt-out policy. Businesses will also be forced to announce a data breach a lot sooner than they had to before (days rather than years), and can be dealt hefty fines for non-compliance. Furthermore, businesses are advised to inform every employee of the changes to the data laws, to ensure that nobody acts out of lack of knowledge and places the entire company in jeopardy. The court wouldn’t accept their ignorance as a viable reason for breaching the regulations.

While big corporations are preparing for potential data breaches and are more savvy with data, smaller businesses may be just as at risk, through wilful ignorance of the fact that such an attack or a failure to comply with GDPR would affect them. Any corporation that deals with data of any kind, which today is arguably every single one, will have to ensure its data codes match up to GDPR, as a crackdown could leave it out in the cold. With fines of 4% of their annual turnover at risk, newer, more vulnerable small businesses could end up hovering over the fine line between breaking even and declaring bankruptcy.

While the concept sounds scary, immersing your business in GDPR now can help mitigate any issues and ensure you are ready for the switch. Get yourself a data protection officer to ensure you don’t slip up. Due diligence is really the order of the day when it comes to GDPR, and there is no reason, with the correct forewarnings, that a business should suffer. Following proper procedure now will save a lot of time as summer approaches.

About Business Woman Media

Our women don’t want to settle for anything but the best. They understand that success is a journey involving personal growth, savvy optimism and the tenacity to be the best. We believe in pragmatism, having fun, hard work and sharing inspiration.

1 Comment



    December 22, 2017 at 11:46 am

    Don’t forget about candidate data! Even if you’re outside of the EU, if you hire remotely and have European citizens applying, you need to brush up. Here’s a good guideline:

    Thanks for sharing! Great tips.
