Yes, we know what you’re thinking ‘ANOTHER GDPR ARTICLE!’ Don’t worry, however, because this one will be a bit different. Today we’re looking at what experts are saying about GDPR and will be looking at several common GDPR errors which companies may have made over the last month or so. As you probably know, the General Data Protection Regulation was introduced as a way of ensuring that all members of the EU’s data protection methods were streamlined and compliant with one another.
In the past, different countries had different methods, which meant that enforcing data protection became very difficult. With GDPR however, the rules are the same for all members of the EU, as well as for all businesses that deal with individuals located in the EU. The new law came into force on the 25th May, and so far, the majority of companies out there have complied perfectly and have had no issues at all.
Some, however, made some surprisingly common errors and mistakes and may still have not yet rectified said errors and mistakes. Today we’re going to look at a few common examples of GDPR errors, and if you feel you yourself may be guilty of any of the below, it’s vital that you put things right ASAP.
Not seeking expert advice – We know that opinions are like eyeballs, in that virtually everybody has them, but an opinion isn’t necessarily a fact. Talk to anybody about GDPR and they will certainly have something to say on the matter, though what that is will depend on the individual. One of the most common mistakes that business owners made while preparing for GDPR, was failing to seek expert advice.
Rather than speaking to trained professionals and experts that would be able to tell them everything they needed to know, and advise them on what they needed to do, they instead listened to the opinions of others, who were simply not experts on the matter. The problem is that everybody claims to be an expert when it comes to GDPR, and so they had one person telling them to do one thing, and somebody else telling them to do something else.
With all of this info being fired at them from all sides, it made it tricky for them to know where to turn and who to listen to. If they had simply taken the time to contact trained experts, life would have been made much simpler. If you’re still unsure whether you are GDPR compliant, don’t listen to the opinion of somebody on social media with no real experience, get in contact with an expert.
Trying to handle GDPR themselves – GDPR was, and still is, a pain in the neck for businesses big and small, as it was very complex and tech-orientated. Despite this, in an attempt to cut corners, save money, and ironically, to make life simpler for themselves, a lot of business owners tried to tackle their GDPR by themselves. GDPR requires incredibly tech-savvy individuals that possess a great deal of IT skills and if you do not possess these skills, tackling GDPR yourself will have been one of the worst things you could have done.
It simply is not worth the time nor the effort, unless you are confident that you know everything there is to know about GDPR, which is highly unlikely. If you’re guilty of doing a spot of DIY GDPR preparation, again, get in contact with an expert and have them handle it for you. It may cost money, but if you are found to not be GDPR-compliant, you face a very hefty penalty, which will certainly cost much more than it does to hire an expert to get your website and business compliant.
Leaving it too late – GDPR was enforced on the 25th of May 2018, and despite now being in operation for more than one month, there is believed to be some businesses out there that are still working on ensuring that their sites are compliant with the new GDPR rules and regs. Whether it was down to laziness, or a lack of knowledge, because they left it too late, these businesses are now at risk of an expensive fine and possible legal action due to not being compliant. If you’re still working on ensuring your business is GDPR compliant, it’s vital that you get that rectified ASAP. If you haven’t even started, don’t even think about attempting to do it yourself, instead hire experts and have them do it for you.
Assuming GDPR doesn’t apply to you because you’re not in the EU – Say, for example, you run an E-commerce website in the USA, as you’re not in the EU, your site is perfectly fine, and you don’t need to worry about GDPR, right? Wrong! If you ship your products globally, I.E to countries in the EU, you will handle the data of EU citizens, which means that you need to be GDPR compliant, it’s that simple.