Even Small Businesses have to comply with Data Protection Laws…
Accountability is one of the key principles in data protection law – it makes you responsible for complying with UK GDPR and says that you must be able to demonstrate your compliance.
You must have appropriate measures and records in place to be able to demonstrate your compliance with this principle.
There are a number of measures that you can, and in some cases must, take including:
- adopting and implementing data protection policies;
- maintaining documentation of your processing activities;
- implementing appropriate security measures;
- recording and, where necessary, reporting personal data breaches; and
- adhering to relevant codes of conduct and signing up to certification schemes.
Accountability obligations are ongoing. You must review and, where necessary, update the measures you put in place.
We work with small businesses to ensure they can demonstrate compliance with relevant data protection law.
If you are a small business and would like us to undertake a health check on your data protection practices – get in touch.