Keeping employee records: What small business owners need to know

the employee records employers should keep

The GDPR gives people more control over their personal information and requires organisations to clarify exactly where Personally Identifiable Information (PII) is stored – and how it is used.

Less well-documented than data protection regulations, but no less important, are data retention regulations. To outline what your legal obligations are when it comes to keeping business records, we asked Paul Ravey of Access Records Management to explain.

(more…)

What small businesses need to know about the General Data Protection Regulation

Despite Brexit, the UK government has confirmed it will abide by the new General Data Protection Regulation (GDPR), which is due to come into effect on 28 May 2018.

The aim of General Data Protection Regulation is to encourage companies across the European Union to think seriously about data protection. In practice, the new GDPR lays down some fairly stringent legislation, for both large and small businesses, governing the standards by which personal data is collected and stored.

To help UK businesses understand the new laws, and avoid the heavy punishments failure to abide by them bring, here’s a guide to the GDPR legislation. (more…)

The ways small businesses can protect themselves from hackers

In recent years, giant corporations such as eBay, British Airways and Linkedin have fallen victim to hackers accessing their data. That such huge companies can be on the receiving end of data breaches, despite their astronomical IT budgets, shows that without the right protection, no company is safe.

So, what does this mean for smaller businesses?

(more…)

A Guide to Data protection for small businesses and start-ups

Data protection is now a more onerous regime for small businesses, and this will only increase when the EU General Data Protection Regulation is implemented.

The Information Commissioner’s Office (ICO), which regulates the Data Protection Act 1998 (DPA), can impose penalties of up to £500,000. A glance at the ICO website will tell you how seriously they view failures to comply, so it’s crucial that small businesses understand their obligations under the DPA when dealing with any personal data, whether it relates to customers, clients or employees.

But for start-ups and small businesses, who can’t afford the luxury of a dedicated data protection officer it’s hard to know where to start. We therefore asked Clare Edwards, of Hill Dickinson, to distil some of the complexities of the Data Protection Act, and to offer some practical tips for start-ups and small businesses when dealing with personal data;

(more…)

How to comply with the Data Protection Act

Not only is compliance with the DPA a legal requirement, there are good business reasons for doing so – for example, using out of date or bad data could result in customer complaints. Also, using bad data costs money and time.
(more…)

Data Protection and the Data Protection Act – An Overview

The Data Protection Act (1998) was drafted to ensure the privacy of personal information stored electronically on computers nationwide. The Act aims to “promote high standards in the handling of personal information, and so to protect the individual’s right to privacy”.
(more…)