GDPR Frequently Asked Questions

22 Feb, 2018

Whilst having an ISO Standard can help with GDPR, it does not make you compliant! We have put together some FAQs to help you understand your options.

Does having an ISO Standard mean I’m GDPR compliant?

In a word, no.

Even having the Information Security Standard (ISO 27001) doesn’t make you fully compliant, although it helps significantly.

Although we can help you achieve compliance in three different ways (as outlined below), every business, including those running internationally recognised management systems, will need to take steps to review their data and update their policies and procedures.

Why is GDPR a buzzword at the moment?

GDPR is a beefed-up version of Data Protection. It has been a regulation for a while but becomes legislation on the 25th May. That’s when businesses run the risk of big fines from the Information Commissioner’s Office (ICO). The potential fines for failing to comply with GDPR could reach up to €20 million or 4% of the group worldwide turnover (whichever is the greater) against both data controllers and data processors. Whilst GDPR will apply from 25th May 2018, it is an ongoing matter that your business will need to continually comply with.

We don’t know what to do, can ISO Quality Services help?

Whilst GDPR can seem a little daunting, here at ISO Quality Services we pride ourselves on keeping it simple. Whether you’ve been putting off your GDPR preparations or have made a start but feel you require guidance, ISO Quality Services can help in three ways:

  1. GDPR training

We offer a one-day interactive workshop that uses business scenarios to introduce the new legislation and provide an overview of the steps that businesses will need to take as dictated by law to become compliant.

By the end of the day, you’ll be able to:

  • Understand what the EU GDPR is and why the law is changing.
  • Explain what has changed from the Data Protection Act 1998 and what is expected going forward.
  • Understand what the impact of the EU GDPR means for your business.
  • Formulate a plan of action.

Further information on this course can be found here.

  2. GDPR consultancy

We appreciate that every business is different and each will manage their data in different ways. We can therefore arrange for one of our GDPR consultants to come into your business and provide one-to-one guidance tailored to your needs.

To explore this option, call us on 01905 670303 or email info@isoqsltd.com.

  3. We can help you implement ISO 27001

Businesses with ISO 27001 are already halfway to achieving compliance. Certification is normally achieved in eight weeks, regardless of the business size or sector.

One of our expert auditors will carry out an initial assessment. This process involves a gap analysis, identifying areas of non-compliance, recommending areas of improvement to meet the requirements, and gathering information to compile documentation.

Once you are certified, we work with you to ensure you stay on track. We help you monitor your progress with a six-monthly review from our expert auditor and an annual recertification audit. We also provide over-the-phone support all year to help you keep on top of things.

More information on this certification can be found here.

I already have ISO 27001, do I need to worry about this?

You do, but you’ve already got an advantage in that many of the processes within ISO 27001, such as disposal of media and security of equipment, are great best practice for complying with GDPR. If you require any help, we can arrange for one of our consultants to conduct a gap analysis to help bring you up to compliance. Alternatively, take a look at one of our upcoming GDPR training courses.

We’re an existing client, is GDPR included in our package?

The GDPR is not a change to an international management system; it’s a fundamental shift in the way data is used and stored within your business’s operations. As such, we cannot issue an update to a manual to help you achieve GDPR compliance.

To give another example, if we help a client run a BS 18001 Health & Safety management system and new H&S legislation comes in, such as a change to manual handling, our client will still need to make operational changes to ensure compliance with the new legislation.

ISO Quality Services Ltd are proud to specialise in the implementation and certification of the internationally recognised ISO and BS EN Management Standards.

Do you want to get ahead of your competition? Win more tenders or save time and money on reoccurring issues? Contact us today on 0330 058 5551 or email info@isoqsltd.com.

Alternatively, you can request a quote by filling out our enquiry form and a member of our team will be in touch shortly.
