Member Blog

The latest results from the Ministry of Justice show that since the abolition of employment tribunal fees last summer, there has been a sharp rise in the number of employment tribunal claims, with the latest figures showing that single claims have almost doubled and multiple claims have increased by 467%. 

With the increased threat of claims by disgruntled employees, many employers use settlement agreements when employment relationships turn sour.  Settlement agreements are a useful means of resolving ongoing workplace disputes and/or facilitating an employee’s departure from the business – they certainly minimise the risk of legal action from the employee – but are settlement agreements being used effectively or excessively by employers?

A settlement agreement is a legally binding contract under which the employee waives the right to bring a claim against their employer in return for a financial payment.  Settlement agreements are voluntary and usually reached through the process of negotiation.  In most circumstances, the parties can speak freely in the negotiation without fear of anything said being used in evidence against them should the negotiations break down, but this is not always the case. 

Now more than ever, employers should ensure that they are following a proper process when conducting settlement agreement negotiations.  Understanding the circumstances in which settlement discussions can be admissible as evidence in employment tribunal cases can assist employers in avoiding the risk of this eventuality occurring.

The ultimate goal for both parties in settlement negotiations is to secure the best settlement package possible.  Money is often a key driver, with the parties often assuming that payments made pursuant to a settlement agreement fall within the £30,000 tax exemption and can be paid tax free.  This is not always correct. 

Changes to the taxation regime earlier this year mean that some payments and benefits made in connection with the termination of an employee’s employment will be chargeable to income tax and national insurance contributions and will not benefit from the £30,000 threshold.  It is therefore imperative that employers understand the correct tax treatment of each termination payment to avoid liability for tax further down the road and to manage employee’s expectations as to the amount of money they will actually receive when they leave.

Nicola Butterworth and James Mee, employment law and tax law experts from Howes Percival LLP will be discussing the legal and practical issues surrounding the use of settlement agreements including strategies for settlement negotiations and key changes to the tax treatment of termination payment in the forthcoming Norfolk Chamber of Commerce HR Forum which is taking place on Wednesday 20 June 2018 at Holiday Inn, Norwich. Click here to find out more and book your place.

We talk to hundreds of local business owners every day; we hear their concerns, understand their challenges and share in their successes.

One common conversation is that, in the digital age, advertising is complicated and it can be hard to see any return on investment.

Some concerning research shows that 46% of business owners don’t actually know if their marketing strategies work – and that is a worrying point.

The ad industry has tried to solve this challenge by creating lots of new products.

The small business owner can now buy an ad in the newspaper, on a website, a newsletter and even an app for almost every newspaper that exists… but how does the business owner understand if any of it works?

It’s as if the ad industry has become so inured to the idea of technology, tools and twiddly buttons that we have somewhat forgotten what ‘advertising’ and ‘marketing’ are for.

The fact that businesses want customers, and advertising that delivers measurable effect is a challenge that our industry is now coming to terms with.

Advertising is now at a sort of crossroads and the advertising industry is starting to take its head from the sand and choosing a direction.

Here at Archant we have launched Local Impact, created to deliver the small business owner insight into the digital and traditional advertising market, advice and support to build a marketing strategy and products and services designed to best enable a business to sell its product or service.

We aim to support the business owners with advice, practical help and products that deliver a measurable effect.

As Local Impact grows I will share what we are doing, how it is working and deliver as much practical advice and help as I can in 350 words.

If any of you have questions or topics that you would like discussed do get in touch. My email is always on and I almost always read it…

Contact Archant Local Impact on 03331 365390, [email protected] or at www.archantlocalimpact.co.uk

There are many learning and development sessions and countless books about teamwork, extolling the virtues of everyone working together. In business, we always want teams to work well but unfortunately this is not always the case.  

One of the best models I have seen for helping talented individuals work together in extraordinary teams is the Five Behaviors of a Cohesive Team ™ which is explained by the New York times best-selling author Patrick Lencioni in his book.  Coupled with the  power of  industry-leading Everything DiSC© workplace assessment tools and classroom delivery sessions, you have a breakthrough programme proven to deliver business results.

The Five Behaviors of a Cohesive Team™ programme helps teams understand how they score on the key components of the Five Behaviors model: Trust, Conflict, Commitment, Accountability, and Results.  Individual teams members will learn about their own personality style and the styles of their team members – based on the Everything DiSC© model – and how their style contributes to the team’s overall success.

A productive, high-functioning team:

• Makes better, faster decisions
• Taps into the skills and opinions of all members
• Avoids wasting time and energy on politics, confusion and destructive conflict
• Avoids wasting time talking about the wrong issues and revisiting the same topic over and over again becuase of a lack of buy-in
• Creates a competitive advantage
• Is more fun to be on!

Are you ready to get started building better teams?   Contact me for more information, quoting Norfolk Chamber to claim your 5% discount:

Mary Aslett

Corporate Growth Consultancy Ltd

[email protected]

01379 308690 or 07931 098 023

We were approached by a company specialising in bad credit to help build up their online presence and ultimately help them rank to the top of Google. The demand for bad credit financial products online is very high, as those looking for funds are keen to borrow and may have to go to several places before finding a lender that accepts them. The options for those with bad credit is offering products with higher interest rates, or security such as lending against an asset or adding a person to guarantee repayment. What our client Payday Bad Credit does is focus on financial products that last 30 to 60 days and aggregates a number of lenders in one place to help customers find the fastest source of finance.

Web Design

Layout: The design had to be responsive on all devices including desktop, mobile and tablet. Mobile was a huge priority for us as we understand this is overtaking desktop users, especially amongst a younger demographic. We opted for a scroll down method which is a very popular technique today, as it mirrors the style of Instagram and Facebook. We incorporate large images of people and subtle things like making the peoples’ eye-line direct towards an application button.

Calls-to-action: It is essential to offer customers the opportunity to make an application in several ways. This includes add numerous apply now buttons across the page, including header, middle and footer. This idea always fits in with Google’s updated algorithm for SEO and the idea of “user intent” which highlights the need to give people places where they can apply or buy things, rather than tonnes of information.

Trust signals: We had to emphasize trust on the website and why it is safe to give your details. We started by adding the site on a secure server to make it https (secure), and this also meets any GDPR requirements. In addition, we added a variety of logos including to the BCCA, FCA and CCTA.

SEO 

Competing in the loans industry comes with a very alternative approach to SEO, especially keeping in line with Google’s specific payday loans algorithm.

Content: We have been working on building up authority for the website, adding around three blog posts a week surrounding information and guides on credit cards, personal loans, credit ratings, debt and more. The idea is to regularly put out content to show that we are proactive and build up the site as a useful resource for adverse credit and consumer finance.

Links: Acquiring links in the loans industry is a careful science. Whilst getting featured on news and press is always ideal, for this specific algorithm, the approach we took involved looking at what links the companies had that ranked top and trying to emulate them, approaching companies for similar links.

The result has been a strong start. Within 2 months, we have reached page 3 and 4 for some key terms and have generated 12 applications. We appreciate that SEO is a long term proposition and may be around 6 months before we reach the dizzy heights of page 1, but this could potentially generating hundreds of applications per day for the client.

It’s been a long time coming, but mercurial Barcelona forward Lionel Messi has finally got what he always wanted. I’m sure when Lionel is looking back on his career, his five Ballons D’Or will pale in comparison to what he achieved last week. It took over seven years, but the European Court of Justice have decided that Lionel Messi should be allowed to register “MESSI” as a European Union Trade Mark. Congratulations Lionel. Well deserved. The basis of the legal challenge was as follows – Lionel Messi appealed after the EU Intellectual Property Office (EUIPO) ruled that MESSI was too similar, visually, orally and conceptually, to “MASSI”, a pre-existing trade mark owned by a Spanish cycling goods company. The Court held that, although MESSI and MASSI sound and look similar, conceptually they were very different. The Court thought that a significant amount of the ‘relevant public’ (consumers of sporting goods) would know who Lionel Messi was and make the link between MESSI and the famous footballer. Therefore, consumers would not confuse the use of MESSI with the continuing use of MASSI on sporting goods and the MESSI trademark could be registered. Is HP distinctive? In another decision, the Court held that Hewlett Packard (a well-known technology company) may trade mark the term “HP”, its initials. In doing so, the Court rejected an application for a declaration of invalidity from Poland-based IT Reseller Senetic. Senetic argued that the HP was descriptive (which is fatal to a trade mark registration). The Court held that a mark will not be descriptive simply because it “consists of one or two letters.” In these circumstances the relevant public could understand HP as a reference to Hewlett and Packard, the names of the company’s founders. Need a break? Distinctive character is a hot topic at the moment. In a recent opinion, the Advocate General to the Court of Justice of the EU (an advisor to the EU’s top Court, whose decisions often guide the Court’s deliberations) said that Nestle ought not to be able to protect the shape of a four fingered Kit-Kat on the basis that they had failed to show that it has (through use) acquired distinctive character. This opinion is not binding, so we await the final ruling of the Court in this matter. If you would like advice on registering a trade mark or managing your existing trade mark portfolio, please contact our intellectual property experts.  If you have already applied to register a trade mark and your application has been opposed, or you believe someone is infringing your intellectual property, please contact myself, Mike or Polly in our Litigation & Dispute Resolution Team. Note: the content of this article is for general information only and does not constitute legal advice. Specific legal advice should be taken in any specific circumstance.

Despite opinions from some quarters, the construction industry is necessarily an extremely highly skilled area, with specialists in almost every niche area you can think of. Those skills range from concept, design and planning at the outset of a project, myriad trades and professions during a built, through to maintenance and repair throughout the lifetime of a building. Fortunately, England has moved on from the medieval system of Guilds and Liveries to control the skills in the construction industry, and we now have excellent organisations such as the Construction Industry Training Board (CITB) to provide training. I know some have criticised the organisation in the past (particularly those organisations who have to pay the levy), but anyone who has been through an apprenticeship with their help, gained employment or managed to get a promotion from skills or qualifications obtained from CITB will be very grateful. It was therefore very sad to read about the plan to reduce the workforce of CITB by 900 staff. The Vision 2020: Business Plan 2018-21 shows a reduction in staff from 1,370 currently down to 484 in 2020/2021. With 575 based in Norfolk, in particular at the Bircham Newton (North West Norfolk, between Fakenham and Hunstanton) site, that is going to mean some very sad job losses locally. Its head office will remain there until 2019, but after that is likely to move, possibly to Peterborough.

Our client, My Doctor London, is a private medical clinic which is based in Euston, Central London. Our aim as SEO experts is to provide My Doctor London with the visibility that they deserved as a high-quality medical practitioner. We want to position their brand identity as a leading doctor’s surgery in the centre of London for main terms like ‘doctor London‘ and ‘doctors in Euston’, as well as other, more specific services they offer such as ‘blood testing London’, ‘marathon testing London’, ‘hay fever jabs London’.

The following is what we did to maximize optimisation and user experience on the website to ensure the best results possible.

Full site clean-up – For successful SEO, a website must be optimised from head-to-toe and our first port of call is to conduct a ‘health check’ of the website. This means that the meta-descriptions and meta-titles have to be relevant and include specific keywords for Google to pick up. The idea is to have one page focusing on one main product – for instance, having multiple pages on hayfever jabs would usually cause the site to be demoted on Google due to lack of prioritisation. 

To make sure the site is optimised, all images must feature an alt-text and all links which are broken or show a crawl error must be corrected. This information can be found on Google’s Search Console and it is a simple 301 redirect to the most relevant page which will ensure a smooth SEO transition.

We updated the website’s sitemap, which is a simple file that lists all the pages of the website. Google’s preference is that it is in an XML format so that it is constantly updated and refreshed. The URL of the sitemap can simply be added to Google’s Search Console so that it can be crawled.

Links – Links from reputable, external sources as a form of PR or resource are well received by search engines such as Google to build up trust and authority. In this case, we wanted links to be medical focused to build up their position in the industry. We reached out to different medical journals, news sites and resources and asked them to reference My Doctor London and include a link. Something very topical to write about was having marathon medicals with the recent marathon season in play and this summer will be a good opportunity to write about hayfever jabs and tips to reduce hayfever symptoms.

The results after the first two months have been very positive. We have secured the page one positions we aimed for ‘doctors in london’ and ‘doctors in euston’ – but remain on pages 2 to 5 of Google for all other target keywords. Our work is not done, we need to continue acquiring strong links and bulking up the site with regular guides and useful content to help the website rank effectively.

Our client, Alistage, are a leading indoor and outdoor staging manufacturer and hire company – and have provided stages for huge companies including Channel 4, BBC, MTV and Arsenal Football Club.

Alistage build and design stages for TV shows, music festivals and concerts, as well as sporting events in the UK. One of our aims was to reflect the 35 years of experience that Alistage has in what they do through their website and their search engine rankings. In order to do this, we have given the website a face-lift by redesigning it and building it with search engine optimisation (SEO) in mind. 

Website Clean Up – The clean up or ‘health check’ is commonly the first thing we do when optimising a site for a new client. We made it our mission to update all meta-titles and meta descriptions, making sure each image had an appropriate alt-text and fixing any broken links or crawl errors which may cause the website to fall down the Google rankings. After all, Google favours websites which are deemed clean.

With a lot of products offered by Alistage it was important to determine one key page for each main product and not have any overlap. Once we know which keywords are going to target each page, we can add the keywords into the meta-data, headings and focus any internal links and inbound links with those particular keywords (and anchor text) to help it rank.

Link Building – Succesful SEO requires strong backlinks to a website, as it builds up trust and authority. With our client Alistage, we started to seek out backlinks in the lifestyle and entertainment space and then it is a case of writing useful guides or asking them to feature Alistage products and simply linking back to their website. In addition, we looked at links which had been secured by their competitors (using Majestic SEO tool) and it is a matter of simply emulating this approach. If Google likes particular links, it is logical that you will be rewarded for the same of similar links – provided that they are quality and not on paid listings or directories

The SEO results for Alistage have been extremely positive, securing a page one positiong for ‘hire a stage’ and ‘hire a stage london’ within the first 4 weeks of implementing changes. The next step is to land page one positions for more particular products and keywords including music stages, catwalk stages, tiered platforms and bar systems too.

Search Engine Optimisation (SEO) is a form of digital marketing which is not only fundamental to almost every business’ overall strategy, but which can be applied to almost every business with a website. The art and science of SEO is ensuring there is a fine balance struck between making a website ‘too technical’ and ending up with a website that looks fantastic but which cannot be found by prospective customers.

Whilst no industry is the same, there are those that are a fair bit more specific and which require a greater degree of detail, particularly when it comes to writing the inevitably needed content for the website in question. At Tudor Lodge Consultants, we have a broad range of clients across many industries including loans and finance, property, building and construction and recruitment. One such client whose needs are that extra degree more specific is Interim Partners.

Working with some of the UK’s largest businesses and targeting high level individuals (such as CEOs and executives) for interim roles in companies and organisations, a major challenge has been building a content strategy for the client.

However, the content and digital marketing team at Tudor Lodge have been undertaking SEO best practices with regards to content and this has helped uncover a plethora of content opportunities for Interim Partners. There are several successful practices to help ensure even the most unique sites, offering the most niche services can thrive online.

Content Research – Keep Things Natural

Content is one of the key components of any successful SEO campaign. However, before the content can be written and optimised, the research must be undertaken and must always be thorough. This ensures that the topics written about on the site in question is not too generic. For example, it is easy for a recruitment site to simply write about topics such as ‘what is recruitment’ and ‘benefits of recruitment.’ However, these topics are generic and do not standout to both user and Google.

The research undertaken should uncover natural topics through the medium of questions. For example, in the case of the recruitment website, something akin to ‘how to find a job with a recruiter’ matches questions users would likely ask and therefore favour searches via Google and other search engines.

User Experience – Engage Your Customers

Getting users to the website is the easier part of the process. Once a user is however on the website, the key is engaging and maintaining them. Websites that present a large number of 404 [broken/ dead] pages see their users drop off at faster rates to those that do not. Additionally, the speed of the site is arguably one of the most important factors today, with users not willing to wait for longer than 1-2 seconds for a page to load and present itself to them and this is particularly important on mobile and tablet devices; which tend to be used ‘on the go.’

Another site speed factor that is given a lot of weight is how the site’s pages load. This refers to the nature of the loading. Websites with negative user experiences will often loan in ‘layers,’ known as ‘rendering.’ This is negative for SEO and user experience as it means the page does not necessarily load its most important content first as well as that which is above the fold, atop the page.

Technical Factors – Remaining Up to Date

The ‘technical’ SEO factors such as meta data, links, crawl errors and fundamental landing pages certainly retain their significance but they are strongly complemented and supplemented by the various factors. It is therefore important to not focus too much  on any single factor, rather to view SEO as a puzzle with each ‘ranking factors’ another piece to make up the fuller picture.

The Royal Mail in the United Kingdom have been fined £12,000 for sending 327,000 nuisance emails to people who had opted out of receiving such emails from them. By sending the emails, the Royal Mail broke the law, says the Information Commissioner’s Office (ICO) and they took appropriate action. The emails were sent to customers on two separate occasions in July 2017. Royal Mail defended the action as they believed the emails were more a “service” than marketing, for the emails that informed the reader of lower prices for parcels. The ICO disagreed with this, and that they were sent to advertise lower prices as part of a marketing strategy.

“Royal Mail did not follow the law on direct marketing when it sent such a huge volume of emails, because the recipients had already clearly expressed they did not want to receive them. These rules are there for a reason – to protect people from the irritation and, on occasions, distress nuisance emails cause. I hope this sends the message that we will take action against companies who flout them.

ICO’s Head of Enforcement, Steve Eckersley

Royal Mail has since apologised for their actions, stating that it would be carrying out additional training for staff, stating that they take customers’ privacy “extremely seriously”. After Friday 25th May 2018, these types of marketing campaigns will be directly affected by the General Data Protection Regulation (GDPR) that so many of us have heard a lot about in the past year or more. As the deadline looms, how companies handle data is incredibly important, and making sure that email marketing campaigns are only sent to those who have chosen to be informed or contacted. There is additional legislation that is still pending relating to business people’s details, and whether these too are classed as personal data. With stories including Facebook, Mark Zuckerberg, Cambridge Analytica, and the 87 million people who had their details shared, Cliff Richard and the BBC, YouTube and Global Child Privacy issues, the stories of fines will continue long into this year, and next. Some 30 social media platforms are under investigation as we write this, to see how they have been used in global political campaigns. Interesting times, but if you think the ICO will just be chasing the “bigger companies”, think again. A complaint can be logged by anybody against your organisation, who does not want you to keep their personal data. You must show that you have procedures in place to deal with this, and prove how the data has been removed. Fines will by up to €20 million or 4% of annual turnover, whichever is higher. Can you afford not to deal with the GDPR’s watchful eye? Your office equipment, such as multifunctional devices and software are at the forefront of your GDPR “compliance”. Speak to us to learn more, on how we can help your business or organisation. 

Landlords and tenants quite frequently enter into side letters (supplemental to the lease) to reflect particular arrangements between them.   Side letters can include rent concessions where the landlord might, for example, agree to accept a lower rent than that specified in the lease.  It is relatively common practice for a landlord to specify in such a case that if the tenant breaches a condition of the concession or a term of the lease then the concession given to the tenant will be cancelled.   The property industry was taken by surprise recently in a case concerning a concessionary rent where the tenant was late in paying an instalment. In that case the Court decided that the landlord’s attempt to bring the concession to an end (so as to revert to the higher rent referred to in the lease) was void on the basis that it amounted to a “penalty”.   The Court referred to a recent decision of the Supreme Court which reviewed the law relating to penalties. Previously, a penalty might broadly have been described as a payment specified as being due by a party in breach of contract which was not a genuine pre-estimate of the innocent party’s loss arising as a result of the breach.  The decision of the Supreme Court suggests that rather than being focused on whether a sum payable on breach is a genuine pre-estimate of loss (i.e. a liquidated damages clause), there is now a more general test as to whether the sum or remedy stipulated as a result of breach of contract is exorbitant or unreasonable in the circumstances.  Against this background, one can understand that if a side letter states that a remedy for the landlord following a breach by the tenant is to cancel the concession itself then the tenant might seek to argue that the remedy is exorbitant or unconscionable.   The law remains complex and each individual case will depend, amongst other things, on how the individual side letter is drafted and construed.  The reality, however, is that a landlord will no longer have the guaranteed ability to cancel a concession or other term of a side letter in the tenant’s favour purely because the side letter states that such remedy is available to the landlord.Landlords must be mindful of this when negotiating any side letters which include concessions.

The Lowdown on GDPR – Are You Ready?

There’s a big change coming in May. And if your business isn’t ready, you could find yourself in big trouble. Data protection laws throughout Europe are receiving an overhaul; the likes of which haven’t been seen for two decades. It’s taken over four years of planning and negotiations, but the European Parliament and European Council finally agreed on the new legislation two years ago. And since then businesses and public organisations have been preparing for the changes. Well, in theory anyway. If you’re like the majority and you’ve put GDPR on the back burner, it’s not too late – but you’ll have to act fast. First though, let’s take a look at some common questions. What exactly is GDPR?

The European General Data Protection Regulation (GDPR) is the new, improved version of the Data Protection Act. It comes into force on 25th May 2018, and it will change the way organisations collect and manage the information they collect about customers. The regulation is the new framework for data protection across the whole of Europe. According to the governing bodies behind it, the GDPR has been designed to harmonise data privacy laws and protect the rights of individuals.

We already have data protection laws.

Why do we need more? Yes we do, but things have changed a lot since the last laws were passed. It’s hard to imagine now, but back 1998 there was no such thing as smartphones and Mark Zuckerberg was just a 14 year old who hadn’t even considered the idea of Facebook yet. Let’s face it, the world is a very different place now and the change is long overdue. We’re creating and collecting huge amounts of digital information every second, and the laws created twenty years ago just don’t cut it any more.

Is my business going to be affected?

Yep. All organisations that collect data – even just a name and number – will have to comply with the GDPR. There are more hefty requirements for businesses employing 250 staff or more, but all organisations that collect any kind of personal data are going to be affected.

You will also have an obligation to erase the data of any individual who exercises their “right to be forgotten”. At any time, your customers can withdraw their consent to your storing or using their personal data and insist that you delete it. What kind of data does it cover? Voluntary groups, member clubs and charities are also going to be affected by the GDPR. The regulation encompasses both basic personal data (names, addresses, dates of birth etc.) and sensitive data (sexual orientation, genetics, religion etc.).

True, this information has already been covered under the previous data protection laws, but one big change is that anonymous data is also included now. In fact, the GDPR positively encourages the pseudonymisation of data, and there will be incentives for controllers to use this more secure method of collection.

The GDPR defines pseudonymisation as “the processing of personal data in such a way that the data can no longer be attributed to a specific data subject without the use of additional information.” To pseudonymise a data set, the “additional information” must be “kept separately and subject to technical and organizational measures to ensure non-attribution to an identified or identifiable person.” In layman’s terms, it’s a way to keep information private and store different data sets separately. Will there be a UK specific version?

Sort of. There has been some flexibility in terms of how individual countries choose to implement the GDPR, but they all have to adhere to the overall principles. The UK Government introduced its own new data protection legislation to the House of Lords in September. The Data Protection Bill 2017 will:

• Make our data protection laws fit for the digital age in which an ever increasing amount of data is being processed. • Empower people to take control of their data. • Support UK businesses and organisations through the change. • Ensure that the UK is prepared for the future after we have left the EU    It covers all the main areas of the EU regulations, but with some exemptions. My business is B2B and doesn’t collect customer data, so I don’t need to worry, right? Wrong! Any company with employees located in the EU is obligated to comply. You might not collect customer data, but you’ll still have information about partners and employees, and that information must all be stored in line with the requirements outlined. These include added protection for journalists, anti-doping agencies, scientific and historical researchers who handle personal data. The UK bill also states that parental consent must be required for all information about anyone under 13.

What’s the nitty gritty? The full GDPR paper contains 99 articles which all set out the rights of individuals and the obligations of organisations. Trust us, you don’t want to read them! In a nutshell, here are the main things you need to be aware of.

Accountability and Compliance

The GDPR means that all organisations that handle people’s personal information will be more accountable for that data. This includes things like clear data protection policies, risk assessments and developing documents that outline the what, how and why of the data you collect.

With cyber-crime at an all-time high and huge data breaches hitting the headlines, the risks of not looking after client information have been well documented. With large, well established organisations like the NHS, Yahoo, LinkedIn and T-Mobile all falling prey to cyber-attacks, nobody can afford to be  complacent.

The Information Commissioner’s Office has to be informed of any breach within 72 hours, and this information has to be made public. The repercussions of this aren’t just financial or legal… damage to reputation is often a lot harder to recover from. Companies that process a lot of sensitive data or undertake “regular and systematic monitoring” of individuals at a large scale are now required by law to employ a data protection officer. Arguably this could be an add-on to an existing role, but for a lot of bigger companies it’s going to mean employing a completely new member of staff.Organisations are also going to have to obtain consent to process data in certain situations. If you’re relying on consent to lawfully use someone’s information you’ll have to clearly explain that consent has been given, either in writing or through a “positive opt-in.”

Access to Data

The GDPR gives individuals a lot more power to access – and request the deletion of – any data that’s held about them. Until now a Subject Access Request (SAR) enabled businesses to charge a fee of £10 for someone to view the data that was held about them. Under the new regulations, the SAR has been completely scrapped. Now, anyone will be able to request their personal information completely free of charge, and this information must be provided within a month. In addition, the ICO states that all individuals have “the right not to be subject to a decision” that has a significant effect on them. Basically, organisations are no longer able to make automatic decisions based just on personal data and any decisions that are made must be clearly explained.

Fines

All laws have to be enforceable, and the GDPR is no exception. Any organisation that fails to comply with the regulation will face significant financial penalties. That means you can be fined if you: • Don’t process an individual’s data in the correct way • Fail to employ a data protection officer if required • Suffer a security breach How much you will be fined depends on the individual circumstances, but even smaller offences could result in a fine of up to €10 million or 2% of your global turnover (whichever is greater). In the case of major breaches which have a seriously detrimental effect on an individual or group, the fines could be as much as €20 million or 4% cent of a firm’s global turnover (whichever is greater). How to prepare your business for GDPR If you’ve got the time, you can read and familiarise yourself with all 99 articles (it’s OK. We know you’re very unlikely to do that). So if you haven’t got time, it’s important to have a clear idea of what’s expected of your individual organisation. For example, you might not need to employ a data protection officer. A lot of the main concepts and principles of the GDPR are similar to those outlined in the Data Protection Act, but this is a revamped version for the digital age. Don’t make the mistake of thinking there’s a grace period during which you’ll be forgiven a few teething problems and oversights. When the 25th May arrives you’ll be expected to be fully compliant and to be able to prove it. No excuses! The best thing you can do to ensure you’ve got everything covered is to enlist a data expert to come in and support you through the process. If it feels like an unnecessary expense, ask yourself how you’d feel about being fined, spending valuable time in court and having your name splashed all over the headlines. Getting your GDPR paperwork and procedures right is an investment that will save your time, money and reputation in the long run. This is happening. And you can’t afford to waste any more time.

We are able to help you with the data security aspects of GDPR. We can ensure that you have an appropriate level of protection on your network, using strategies such as a firewall, vulnerability scanning, and off-site backups of critical data. Give us a ring for a chat, or to arrange a data security audit of your business.

Call us: 01603 670682 or email us: [email protected] – Don’t forget to download a copy of our GDPR guide as well