GDPR = DATA PROTECTION ON STEROIDS

The GDPR, or General Data Protection Regulation, is the most significant development in data protection that Europe and the world have seen in decades.

Where once fines for data protection rule breaches were a maximum of £500,000, GDPR means fines of up to €20 million or 4% of global turnover, whichever is higher.

THE GDPR, NOT YOUR PROBLEM?
THINK AGAIN…

The GDPR casts a global net: those fines apply to anyone based in the EU or handling personal data of EU-based individuals, including organisations in the United States.

That also includes small and medium businesses and their contractors.

All Isle of Man companies processing EU personal data must maintain records proving their compliance.

The GDPR sees data protection as a person’s absolute right, with the burden of compliance on those who determine when, how and for what purpose personal data is used – “data controllers”.

THE GDPR PROVIDES FOR:

  • Direct liability for data processors
  • Mandatory data breach reporting
  • New individual rights including the “right to be forgotten”
  • Appointed Data Protection Officers (DPOs)
  • Mandatory “data mapping” and documentation
  • Specific consents
  • Enhanced privacy notices
  • Data Protection Impact Assessments
  • Draconian penalties for transfers outside the EU

BUT, IT’S NOT ALL BAD NEWS

Besides mitigating reputational risk and avoiding those fines, complying with the GDPR has real benefits:

  • Increased stakeholder trust
  • Greater organisational efficiency
  • A major USP for you and your firm

3 STEPS TO GDPR ISLE OF MAN COMPLIANCE

STEP 1
GDPR GAP REVIEW

An ISO QA Consultant will visit your business to review and document your current processes and procedures, highlighting any areas that do not meet the requirements of the GDPR.

STEP 2
GDPR IMPLEMENTATION

Now it's time to make sure any required process or procedural changes are made, as highlighted in the Gap Review. ISO QA will work with you every step of the way to make these changes.

STEP 3
GDPR COMPLIANCE

An Auditor must now visit your business to check that the documented processes are being followed and that the necessary changes have been made. Once they are satisfied, your business will be GDPR compliant.

LET US HELP YOU WITH YOUR GDPR COMPLIANCE

GET YOUR ISLE OF MAN BUSINESS READY AND GDPR COMPLIANT:

  • evaluating whether or specifically how the GDPR applies to your non-EU operations
  • identifying “high risk” processes, as the GDPR defines them
  • creating a robust data breach response plan meeting the 72-hour notification deadline
  • implementing required data mapping processes
  • drafting/future-proofing new agreements
  • redrafting privacy notices to include new mandatory information
  • establishing mechanisms to obtain explicit data subject consents
  • creating security compliance checklists for your service provider processors
  • training all stakeholders
  • identifying your GDPR “main establishment”
  • reviewing your international transfers and identifying the most efficient transfer solution
  • advising on the EU-U.S. Privacy Shield, EU Standard Contractual Clauses, Binding Corporate Rules

While there’s still time, contact us today for further information or to arrange an initial gap review.
