UK: +44 (0) 20 3922 1222 / AUSTRALIA: +61 (0) 2 9053 9703
Select Page

As GDPR approaches on May 25th 2018, many small business owners appear to be burying their heads in the sand. Recent research by the FSB shows that 33% of small businesses are yet to begin preparations for GDPR, 35% are in the very early stages and just 8% have completed preparations. Gartner even go as far to predict that by the end of 2018, more than 50 percent of companies affected by the GDPR will not be in full compliance with its requirements.

It is clearly too early to say who of those can guarantee ongoing compliance post watershed – some businesses think the new regulation won’t apply to them, with others thinking they can wait until the May deadline to take action. Oddly enough, some even think that GDPR won’t happen, or that the ICO will not follow through with the implementation of their heady fines matrix – they are wrong. GDPR applies to any organisation that processes Personal Data for citizens of EU member states, whether that company is based in the EU or not.

Companies must be able to demonstrate where their Personal Data came from, how they process it, and their legal basis for doing so. They must also meet strict guidelines for reporting data breaches and develop processes for giving customers the right to be forgotten. All regulations and requirements under GDPR are made more complex to manage, particularly when the majority of companies still manage data storage and flow in an unstructured way, relying on legacy infrastructure and static file servers that, unlike the Oxygen Digital Workplace, lack any kind of search or data indexing functionality.

Without exception, organisations must take steps towards compliance, or risk heavy fines. From May 25 2018, the ICO’s new fine structure will take effect, meaning companies that fail to comply with GDPR could attract penalties of €20M or 4% of global turnover, whichever is greater.

While the threat of fines is real, logic suggests that the ICO will exercise some leniency in the beginning. Large, high-profile companies are obvious targets and may be used to set an example. But don’t be surprised if the ICO also singles-out some smaller businesses, who have taken a devil-may-care approach to GDPR.

What is certain is, it’s time to act – not solely to avoid fines; GDPR is much needed and positive. Yes, it creates additional work for companies required to comply, but as individuals, we should all be for GDPR modernising the way our data is collected, held and processed in the new digital World. Ultimately, information security is key and GDPR is just one step to help bring certain companies in line and away from their dubious practices.

However, GDPR doesn’t need to be complicated, especially for small businesses. By now, we’ve all seen the ICO’s 12-step guide for compliance and that’s a great place to start.

Users of Microsoft Office 365 can use Microsoft’s free Compliance Manager tool to manage their GDPR compliance – the ISAAC team are expert in explaining the features and benefits and implementing this solution. Or you can go a step further and implement Oxygen Compliance Guardian, a comprehensive and secure automated tool that connects to your (multiple) data sources and applies pre-set rules to ensure that, once you have achieved compliance, you remain compliant, receive automated breach notifications and even go as far as deleting, redacting or anonymising data to ensure your compliance.

ISAAC create Digital Workplaces that manage everything from processes to people. The Oxygen application suite for Office 365 and SharePoint online is an intuitive, secure and scalable way to easily modernise the way you manage information, from where it is stored to how it is stored. Our approach is simple; human-centric applications, customised to suit your business, workflows and processes. Oxygen is today’s Digital Workplace, built into the Microsoft Office 365 cloud, providing a cost-effective, scalable and secure environment to manage, share and collaborate from.

You may also like:

ISAAC again shortlisted for the UK Business Tech Awards 2021

We are very excited and honoured to again be shortlisted for the UK Business Tech Awards. In 2018 we were nominated in the Tech Business of the...

Easily manage your employees location and ensure collaboration wherever they are

According to a poll of 520 business leaders by the London Chamber of Commerce and Industry almost half of London companies whose staff can work...

The March 2021 Microsoft hack – What was it? and why should you care? (for companies) – 3 min read

Widely reported in the mainstream news, due to the severity of this attack, Microsoft reported on the 2nd March 2021 that vulnerabilities in...

Help to Grow: Digital Initiative

2021 UK Government Budget, March 3rd Help to Grow: Digital Initiative In response to the Covid-19 Pandemic, the UK Government have launched a...

How to share your Outlook calendar

Sharing your Outlook calendar within your own organization. Sharing your Outlook calendar is a common question we see so this post is a very...

How to stay signed in to Microsoft 365

Logging into and staying logged into Microsoft/Office 365 One of the conveniences of the modern world is being able to sign in to a service is...

Don’t panic! – How to retrieve an older version of a document

Last weekend an event at home inspired me to write this blog post. It's worth noting that although this post discusses OneDrive, the principles...

How to setup Multi Factor Authentication on your Microsoft 365 account

How to setup MFA (Multi Factor Authentication) and the Microsoft Authenticator App on your MS 365 Account Once your administrator has enabled...