GDPR is here! Are you ready?
If your answer to the question in the headline is no, and you're having a heart attack, we have some advice: Don't panic. There are plenty of companies in the Czech Republic that haven't had time to prepare for the GDPR coming into force. But don't underestimate the situation.
This Friday, the General Data Protection Regulation comes into force. Panic is growing among domestic businesses. If you are one of those who are plagued by the fear of missing out, you need not despair. You are not alone.
According to Bureau Veritas, companies that fail to comply with the new data protection requirements account for 85% of all obliged entities.
"After the initial analysis, companies are surprised that this is a complex issue and that getting it right will be much harder than they expected," said Jakub Kejval from the agency. He added that smaller businesses, in particular, often did not know where to start in preparing for the new regulation and simply did not change their strategy in time.
So what to do if you feel GDPR has caught you off guard? Kejval says: Don't panic. "There's no need to confess to the Data Protection Authority, which doesn't have the capacity for extensive checks and will initially only come to you on a whistleblowing basis," he reassures.
So first of all, check your internal regulations. You may find that you don't need to adopt completely new ones, but just modify existing ones.
"What will need to be made new will definitely be internal regulations specifying how to proceed in the event of a so-called data breach, i.e. a violation of personal data security," says Vladan Rámiš from MAFRA, adding: "It is certainly also necessary to think about possible modifications to archiving and filing rules and, in larger companies, about an overarching organisational regulation that would determine the competences of individual persons within the personal data protection processes."
However, it is also the case here that the General Data Protection Regulation applies mainly to large entities and institutions and that small sole traders will generally only comply with basic obligations.
We nevertheless recommend not to underestimate the situation. If you don't know from which end to take on GDPR, don't hesitate to ask us for help. Our team of experts on the various issues of the regulation is here for you.