My goodness there’s a lot of folk out there just beginning to panic a bit!
Not without good reason, you might think? The proposed financial punishments set to be meted out by the ICO make for sobering reading indeed, but for what it’s worth my advice would be to keep calm and carry on.
Reading between the many lines of the new regulations, and having consulted with far wiser souls than myself, the very clear message I’m getting is that you, we, and all exploiters of personal data, need to have a plan of action regarding GDPR and be firmly on the road to compliance, if not complete compliance itself.
I say this not least because 100% compliance can only rarely be achieved – there will always be more that we can do to protect the personal data we hold, and from here on we are obligated to foster a culture of disclosure and consent.
In the meantime – if you’ve not yet started to become compliant – there’s plenty you can do to move this along.