Why I Am Not Supplying GDPR Privacy Policies
Well GDPR has been everywhere hasn’t it?
Please know I am not here to jump on the band wagon – like everyone else I have been looking into GDPR and firstly, finding out what it means for my business and secondly I have been looking into the implications of GDPR from a HR perspective for my clients. Many of whom have contacted me asking if I could “do our GDPR”.
I have said no, not because I don’t want to help, but on the grounds of my own professional ethics – I am not professionally qualified to advise on GDPR as it is a distinct area of law and not my area of expertise. For anyone out there wanting GDPR complaint privacy policies etc I recommend you seek your own professional advice on this if you have not already done so.
I hope you respect my position.
What I am doing to learn about GDPR
With that in mind, after taken a considerable time to decide what was the best approach I have decided to point my clients in the direction of a professionally qualified solicitor, who has been in contact with the ICO and collated materials relevant for businesses around GDPR. Her name is Suzanne Dibble and for the record I am not affiliated with her in any way and will not be receiving any financial incentive for sending you in her direction. Rather I would prefer to say, here is what I am using and if you want to try it for yourself here is where to find it. I have personally used her materials to help me in understanding how to manage GDPR in my business.
GDPR Resources I Have Used in My Business
* Also don’t forget – the ICO website itself has an abundance of free information
Free GDPR Data Audit Checklist
Finally – the first point in preparing for GDPR is to create an audit of the data you use. The wonderful Allison (as you know as my VA) has created a FREE excel spreadsheet for this and also a little video to talk people through how to use it. It is exactly what I have done.
* Allison’s free data audit spreadsheet – scroll to the bottom of this page and put your name in the box
Allison sent an email to her clients (including me) in the run up to GDPR coming in to effect and made some very important comments which I have repeated below as I think they are worth sharing:
* Friday 25 May is when GDPR comes into effect – it is not a deadline. So as long as you are taking sensible steps to prepare and are recording your legal basis for storing personal data and doing your best to keep everything safe and secure – you are preparing well.
* Data protection is an ongoing process – it is not a case of ‘get it all done by the 25th May and then forget about it’. Keeping personal data safe is an important part of how any business works and that is really nothing new.
So that is hopefully the last time I will be sending an email on GDPR.
As a final comment from me, please do not get caught up in the hype. The 25th May was not a deadline and please check the source and credentials of any training or “GDPR products” you are buying and I also ask you to respect the IP of other people.
Until next time
Founder of the HR Doc Shop™
Welcome to our world, we hope to see you often 🙂