Greenway’s Top 7 GDPR Tips
GDPR caused a big panic in 2018 when the legislation came into force, and most of us made our workplaces GDPR-compliant. But what happens when the workplace has become our homes and computers? While we’re all worried about protecting our businesses and families, we can’t forget about protecting our clients and their information.
Here are Greenway’s Top 7 Tips to keep your data safe while your team is remote working:
- Know Your GDPR Policies
- Know The Risks
- Get To Know Your New ‘Office’
- Device Safety
- Spread The Word
- Keep It Simple
- What Happens Next?
1. Know Your GDPR Policies
It’s nearly the two-year anniversary of the enactment of the General Data Protection Regulation. 2017 and 2018 were extremely busy and stressful, as we all worked to ensure that we had policies in place for every situation.
Now is a good time to familiarise yourself with the policies your company has, and how they apply to a remote-working environment. You may even have remote-working policies with your GDPR documents, but how long has it been since you reviewed them?
What new programs are you using?
How many devices are your staff using?
2. Know The Risks
There are so many things to worry about right now, but don’t forget the risk of a Data Breach. The penalty for a Data Breach can be €10M – €20M, or 2% – 4% of the previous year’s turnover. As many of us face reduced turnover this year, it’s even more reason to keep this important data safe.
Track how it’s being used, collected, and stored while we’re all remote-working. Ensure that any important paperwork is securely stored, and don’t forget about visibility in the background of webchats and video-calls.
3. Get To Know Your New ‘Office’
How do you manage a ‘Clean Desk Policy’ when the desks may be doubling as kitchen tables and duvet covers, in some cases? Talk to your staff about their work-from-home setup, and if each staff member needs their own guidelines for keeping work documents and equipment safe, so be it.
It’s easier to work with your staff on their individual circumstances than to try to apply vague guidelines across the board. This is a time of major adjustment. Some of your team are dealing with extremely full homes, childcare, and a lack of general privacy, let alone GDPR-compliant workspaces. As a business owner, you’re probably familiar with having your work follow you around your home.
4. Device Safety
You probably had to adapt to working from home extremely quickly. Talk to your IT provider again, and ensure that you’re doing everything you need to keep your devices secure. Have all your employees implemented the proper virus protection on their devices?
If you’ve recently transitioned to working on Cloud-based systems, make sure that your GDPR policies are updated with lists of all your new software and procedures. If your systems don’t do it automatically, request that all your staff update their passwords for your systems. It’s been two months of remote-working, and it’s a vital habit for your staff.
If any of your staff have been working on their own devices, request that they spend time this week ensuring that no company documents are on their own hard drives. It’s an easy mistake to make, but it can have severe consequences.
5. Spread The Word
Just like in 2018, refresh your staff’s memory on what Personal Data is, what GDPR is, and the principles of how and why data can be collected and held:
- Lawfulness, fairness, and transparency
- Purpose Limitation
- Data Minimisation
- Storage Limitation
- Integrity and Confidentiality
Read more about the principles here, on the Data Protection Commission website.
Be clear and concise with your staff
6. Keep It Simple
Really think about how to apply your GDPR policies right now. It won’t be as easy as forwarding all the policies to your staff and expecting them to implement them in their homes. We recommend making checklists of actions that your staff can follow each day.
This can include shutting down company software at a specific time; agreements with your staff that company devices will not be used in the home by non-staff; clear guidelines regarding downloading software; and making your staff aware of common phishing emails.
Make sure your staff are aware that protecting personal information now goes both ways. Untidy computer desktops on shared screens, or even personal items in view during web conferencing can compromise the safety of your staff and their families’ data.
Work with your IT specialist for these guidelines, or use the services of a specialist GDPR compliance company.
7. What Happens Next?
While we all hope that normality returns soon, the move to working from home may change the work environment forever. You have more time to plan for a return to the workplace than you did for the current work-from-home situation. Plan how you can ensure that no client or company information remains in your staff members’ homes.
If any staff had to bring files from your office, ask them to provide you with lists of these files, so that you can confirm receipt of them. Remember that staff may have generated client information, through printouts, etc. These will need to be securely stored, and added to the client files returning to your office. Domestic waste & shredders are not suitable for disposing of GDPR documentation.
Keeping your business running can take up so much of your time. Don’t let GDPR mistakes risk what you’ve built.
Greenway can help with planning and strategy for your company. Get in touch.