GDPR: Are you ready?

The EU General Data Protection Regulation (GDPR) is a new set of regulations that have been created to strengthen and unify data protection for all individuals within the European Union - including post-Brexit Britain.

The GDPR will supersede the 1995 EU Data Protection Directive and all EU member states’ national laws based on it, including the UK Data Protection Act 1998, starting from 25th May 2018.

Introduced to keep pace with the modern digital landscape, the GDPR is more extensive in scope and application than the current Data Protection Act. The Regulation extends the data rights of individuals and requires organisations to develop clear policies and procedures to protect personal data.

GDPR has major implications for businesses and their obligations regarding the protection and privacy of data. In this document we will explain how tahdah can help your organisation to become fully compliant with these new regulations.

How is GDPR different?

The point of the GDPR is to provide clarity and consistency for the protection of personal data. It introduces several new legislative requirements that will significantly impact the way businesses collect, manage, protect and share data that's tied to EU residents - no matter where they’re located.

There are four key areas of difference between GDPR and current DPA compliance:

[Figure: Four key areas of difference between GDPR and current DPA compliance]

The new regulations include severe penalties for organisations that fail to protect their customers' data. These infringements are not as rare as you may think; according to a UK government 2015 information security breaches survey, 90% of large organisations and 74% of SMEs reported a security breach, leading to an estimated total of £1.4bn in regulatory fines.

In 2018, GDPR will introduce fines for companies of up to €20m or 4% of annual worldwide turnover, whichever is greater – far exceeding the current maximum of £500,000.

How tahdah can help

According to the Information Commissioner’s Office (ICO), if you’re already DPA compliant, then most of your approach to compliance will remain valid come May 2018. However, there are some differences in GDPR, which means you’ll have to do certain things for the first time and some other things differently. Firstly, ask yourself these key questions:

[Figure: Key GDPR Questions]

If any of these questions gave you cause for alarm, then you should consider having a conversation with us about how tahdah can help your organisation transition to GDPR.

tahdah takes the stress out of the transition to GDPR by making your customers' data more secure, more organised and easier to navigate. We have been following the developments surrounding GDPR closely throughout the creation of our system so that we can ensure that all of our customers will be in full compliance once the regulation comes into effect.

We will be able to liaise with your newly required 'data protection officer' and get your organisation up to speed on all of the documentation, policies and communications that you will need to create and distribute to your customers.

Three of the most significant challenges involve being able to quickly identify, produce or erase your customers' data "without delay" as stipulated in the new regulations. This could prove to be difficult for organisations that hold their customers' data across disparate systems. These fears are corroborated by a survey which asked how ready American CEOs feel their organisation is for meeting these critical requirements of GDPR:


tahdah can help you adhere to these requirements. After a short onboarding process, all of your customers' data would be stored on our secure cloud servers and would be accessible and easy to navigate. Your staff could pull up specific sets of data within a matter of seconds and easily export them in whichever format your customers require.

If you would like to learn more about how tahdah can streamline your transition to GDPR in May, please get in touch using this link.