SMEs will find GDPR challenging in terms of the drain on time and resources. Even what may appear straightforward tasks can turn out to be far more involved after further consideration.
Even if there are internal IT resources and legal advice has been taken, GDPR is so far-reaching and complex that it is too much for individual retention and effort – you can forget more than you learn!
Once you have had legal advice, the key question is ‘how’ to implement GDPR? As technologists, immersed in data and compliance issues, we can support and prompt your internal resources. We have a phased plan that visually itemises, prioritises and demonstrates progress.
For those at the top end of the spectrum, GDPR may involve consideration of business and IT issues well beyond GDPR itself; for instance:
- Do you have legacy data or systems that you might now want to remainder?
- Do you have old or poor data that you need improve and port to a new system?
- How are you going to understand data in packaged systems (CRM, ERP etc.) cost-effectively?
- Have you fully captured all the data on your systems, devices, cloud, website, social media and desktops?
- Do your new systems require metadata and/or a unified data model?
- How will you deliver sustainable compliance and what reporting do the Board expect?
To find out more, download our “Incorvus GDPR for small businesses” leaflet.