CARA TV interview: What is GDPR for SMEs?

Our Founder & CEO explains what GDPR is, what it means for SMEs, and how they can address it!

Our Founder & CEO, Robert Baugh, was interviewed by old friend Robert Gibbons for CARA TV.  The topic is a key one: what is GDPR and what does it mean for SMEs?  See it here!

SMEs struggle with GDPR

Even the European regulators recognise how hard GDPR can be for SMEs, who lack the resources of large enterprises:

‘The EDPB acknowledges that the implementation of the GDPR has been challenging, especially for small actors, most notably SMEs. [Data Protection Regulators] have been developing several tools to support SMEs in complying with the GDPR. The EDPB is committed to facilitating the development of these tools in order to further alleviate the administrative burden.’

What exactly is GDPR?

We’ve a great Privacy Kitchen video that takes you through What is GDPR? in less than 10 minutes.  Essentially GDPR is the EU General Data Protection Regulation, which took direct effect across the EU on 25 May 2018 – including in the UK as the UK was still an EU Member State at that time.

The GDPR sets out the rules you need to follow when you process personal data, across the entire data lifecycle from collection to destruction.  For example:

  • you need a legal basis to process personal data, such as consent, legal obligation or legitimate interests,
  • you need to give a Privacy notice to data subjects setting out certain information, including that legal basis and the purpose for which you’re processing the data – the ‘why’
  • there are rules on ‘repurposing’ data, in other words using it other than for your original specified purpose,
  • other rules include rules on security measures, data protection by design and by default, and being able to demonstrate your compliance (the ‘accountability principle’)

What about Brexit?

We’ve got you covered here too!  We’ve an excellent series of Privacy Kitchen videos on Brexit including Did Brexit kill GDPR?  In essence:

  • the UK adopted the EU GDPR as a UK law called ‘UK GDPR‘, amended to replace references to the EU with the UK, and remove references to other EU-specific areas,
  • the UK GDPR is otherwise almost identical to the EU GDPR, the main obligations are all there and use the same wording.

So there’s no escape!  In fact, UK organisations – and organisations around the world – now have 2 GDPRs that might apply to them…

But don’t despair!  We’ve a very handy summary of the 7 Key Brexit Impacts to help you with your Privacy program.

How to comply with GDPR?

Our Privacy Kitchen video 10 Steps to GDPR Compliance, takes you through how to approach GDPR and create your Privacy Framework.

You’ll typically need:

  • an internal champion to roll their sleeves up and take charge as the point person in the organisation,
  • an external advisor, particularly in the early days as you get up to speed, and to help you manage your ‘get compliant’ program.  You’ll want their number on speed dial for your ongoing maintenance too as breaches, data subject rights and more happen along the way, and to maintain your Privacy Framework, and
  •  some Privacy tech to help accelerate your program and make it all easier.  You can run finance from a spreadsheet but Xero makes it easier – SaaS is popular for a reason!

Of course, we recommend that you use Keepabl’s GDPR compliance software to make getting and staying compliant, working with colleagues and advisors, and demonstrating your compliance intuitive and super simple (OK, as simple as it’s possible to make it!).

About CARA Technology

CARA TV is published by CARA Technology.  CARA is a team of IT specialists who work with customers, as an extension to their business, in order to understand, analyse, propose and deliver appropriate IT solutions and services.  If you’re an SME wondering is you’ve the right Security in place (one of GDPR’s 7 Principles), then CARA can help you.

About Privacy Kitchen

If you’ve been saddled with … sorry… if you’re dealing with GDPR for your organisation, then Privacy Kitchen is for you.

Whatever stage you’re at and whether you’re in IT or Security, Ops, Legal or Compliance … even if you’re the DPO or ‘also’ the DPO … Privacy Kitchen has free video help on topics from email marketing rules to DPOs to Brexit.

About Keepabl’s GDPR Compliance Software

Keepabl’s ‘Start with the Why‘ is:

to joyfully use technology to solve people’s headaches and make them feel happier!

You might feel there’s not much joy around GDPR, but you can hear how our GDPR SaaS and accompanying Privacy Policy Pack makes our customers’ lives easier, more productive and helps them capture rewards in industries such as Finance (Canaccord Genuity), Health (Syndi) and Gaming (Parimatch).

Take a look around our website and feel free to arrange your demo and FREE Trial right now – we’d love to talk with you!

 


Related Articles

183 Million Reasons MSPs should look at GDPR

“183 Million Good Reasons” Keepabl’s Robert Baugh was recently invited to take part in a podcast for The IT Provider Show, where hosts Rick Yates and Abbie-Lee Hollister, industry champions and…

Read More
Keepabl obtains Cyber Essentials Plus

We’re delighted to announce that Keepabl’s Security practices have been independently certified under Cyber Essentials Plus! Security’s in our DNA Security is one of GDPR’s 7 Principles and is fundamental…

Read More