GDPR Frequently Asked Questions

22 Feb, 2018

Whilst having an ISO Standard can help with GDPR, it does not make you compliant! We have put together some FAQs to help you understand your options.

Does having an ISO Standard mean I’m GDPR compliant?

In a word, no.

Even having the Information Security Standard (ISO 27001) doesn’t make you fully compliant, although it helps significantly.

Although we can help you achieve compliance in three different ways (as outlined below), every business, including those running internationally recognised management systems, will need to take steps to review their data and update their policies and procedures.

 

Why is GDPR a buzzword at the moment?

GDPR is a beefed-up version of Data Protection. It has been a regulation for a while but becomes legislation on the 25th May. That’s when businesses run the risk of big fines from the Information Commissioner’s Office (ICO). The potential fines for failing to comply with GDPR could reach up to €20 million or 4% of the group worldwide turnover (whichever is the greater) against both data controllers and data processors. Whilst GDPR will apply from 25th May 2018, it is an ongoing matter that your business will need to continually comply with.

 

We don’t know what to do, can ISO Quality Services help?

Whilst GDPR can seem a little daunting, here at ISO Quality Services we pride ourselves on keeping it simple. Whether you’ve been putting off your GDPR preparations or have made a start but feel you require guidance, ISO Quality Services can help in three ways:

 

  1. GDPR training

We offer a one-day interactive workshop that uses business scenarios to introduce the new legislation and provide an overview of the steps that businesses will need to take as dictated by law to become compliant.

By the end of the day, you’ll be able to:

  • Understand what the EU GDPR is and why the law is changing.
  • Explain what has changed from the Data Protection Act 1998 and what is expected going forward.
  • Understand what the impact of the EU GDPR means for your business.
  • Be able to formulate a plan of action.

Further information on this course can be found here.

 

  2. GDPR consultancy

We appreciate that every business is different and each will manage its data in different ways. We can therefore arrange for one of our GDPR consultants to come into your business and provide one-to-one guidance tailored to your needs.

To explore this option, call us on 01905 670303 or email info@isoqsltd.com.

 

  3. We can help you implement ISO 27001

Businesses with ISO 27001 are already halfway to achieving compliance. Certification is normally achieved in eight weeks, regardless of the business size or sector.

One of our expert auditors will carry out an initial assessment. This process involves a gap analysis, identifying areas of non-compliance, recommending areas of improvement to meet the requirements, and gathering information to compile documentation.

Once you are certified, we work with you to ensure you stay on track. We help you monitor your progress with a six-monthly review from our expert auditor and an annual recertification audit. We also provide over-the-phone support all year to help you keep on top of things.

More information on this certification can be found here.

 

I already have ISO 27001, do I need to worry about this?

You do, but you’ve already got an advantage in that many of the processes within ISO 27001, such as disposal of media and security of equipment, are great best practice for complying with GDPR. If you require any help, we can arrange for one of our consultants to conduct a gap analysis to help bring you up to compliance. Alternatively, take a look at one of our upcoming GDPR training courses.

 

We’re an existing client, is GDPR included in our package?

The GDPR is not a change to an international management system; it’s a fundamental shift in the way data is used and stored within your business’s operations. As such, we cannot issue an update to a manual to help you achieve GDPR compliance.

To give another example, if we help a client run a BS 18001 Health & Safety management system and new H&S legislation comes in, such as a change to manual handling, our client will still need to make operational changes to ensure compliance with the new legislation.

 

ISO Quality Services Ltd are proud to specialise in the implementation and certification of the internationally recognised ISO and BS EN Management Standards.

Do you want to get ahead of your competition, win more tenders, or save time and money on reoccurring issues? Contact us today on 0330 058 5551 or email info@isoqsltd.com.

Alternatively, you can request a quote by filling out our enquiry form and a member of our team will be in touch shortly.
