How businesses can become GDPR-ready
As the 25 May compliance deadline approaches, Lesley Meall looks at what businesses are doing to ready themselves for the implementation of General Data Protection Regulation, including business benefits, international implications and important ICAEW resources.
Like Pepper, top 10 accountancy and business advisory firm MHA Macintyre Hudson got serious about its GDPR preparations last summer. “We engaged a firm of lawyers to provide us with a basic understanding of GDPR,” says partner Andrew Moyser, who is also the firm’s DPO. “After the first session it was very much a learning curve for us on what the new rules were, what they would mean and what we are going to have to do come 25 May.”
The firm has completed its data-mapping exercise, its gap analysis of what it needs to do to become GDPR-compliant. “GDPR has taken us into areas that are not about data protection,” adds Moyser. It has highlighted opportunities for the firm to improve and update some of its processes and rationalise some of the software and systems it uses. “It’s been enlightening and insightful. Even without GDPR it has been an important process.”