The latest stories.

12 Steps to Prepare for the GDPR

On 25 May 2018, the General Data Protection Regulation (GDPR) comes into effect in the EU and across the United Kingdom. The GDPR replaces the Data Protection Act (DPA) and ushers in expanded rights to individuals and their data, and places greater obligations on businesses and other entities that process personal data.

Many of the GDPR’s main concepts and principles are the same as those in the DPA, so if you are complying properly with the DPA much of your approach to compliance will remain valid under the GDPR and can be a starting point to build from. However, there are new elements and significant enhancements, so you will have to do some things for the first time and some things differently.


Make sure that decision makers and key people in your organisation are aware that the law is changing. They need to appreciate the GDPR’s impact.


Document what personal data you hold, where it came from and with whom you share it. You may need to organise an internal audit.


Review your current privacy notices and put a plan in place for making any necessary changes in time for GDPR implementation.


Check your procedures to ensure they cover individuals’ rights, including how you would delete personal data or provide data electronically in a commonly used format.


Update your procedures and plan how you will handle requests within the new timescales and provide any additional information.


Identify the lawful basis for your processing activity in the GDPR, document it and update your privacy notice to explain it.


Review how you seek, record and manage consent, and whether you need to make any changes. Refresh existing consents now if they don’t meet the GDPR standard.


Think about whether you need to put systems in place to verify individuals’ ages and to obtain parental or guardian consent for any data processing activity.


Make sure you have the right procedures in place to detect, report and investigate a personal data breach.


Familiarise yourself with the ICO’s code of practice on privacy impact assessments as well as the latest guidance from the Article 29 Working Party, and figure out how and when to implement them in your organisation.


Designate someone to take responsibility for data protection compliance and assess where this role will sit in your organisation’s structure and governance arrangements. Consider whether you are required to formally designate a data protection officer.


If your organisation operates in more than one EU member state, including carrying out cross-border processing, you should determine your lead data protection supervisory authority. Article 29 Working Party guidelines will help you.

Quantify your exposure by using our checklist, please contact us today at or 01959 565678 for a copy of our checklist.

How HR Can Prepare for the GDPR

In less than one year, the EU General Data Protection Regulation (GDPR) will come into force. Despite Brexit, the UK government has confirmed that it will comply with the GDPR.

As the GDPR will be formally adopted on 25 May 2018, your organisation should begin taking the necessary steps, if you have not already done so. There are three central standards to comply with:

  1. Privacy by design—Integrate data protection before implementing any new procedures. In addition, you should do the following:

    • Be transparent about the data you collect and how it will be used.

    • Minimise processing personal data where possible.

    • Encrypt personal data so it cannot be used to identify an individual.

  2. Increased rights of employees—An employee has three rights:

    • The right to know how and why his or her personal information is being processed.

    • The right to access his or her data and to have inaccurate data corrected.

    • The right to be ‘forgotten’, which requires an employer to erase personal data about an employee in certain circumstances.

  3. Accountability—To be considered accountable, an organisation must complete the following:

    • Appoint a data protection officer, if necessary.

    • Carry out privacy impact assessments.

    • Consult with the data protection authorities before new data processing activities can commence.

    • Keep records of all its processing activities.

Start undertaking privacy impact assessments, reviewing your data management processes and auditing the data your HR team stores now to ensure that you are compliant in May 2018. If you would like to find out more about how your organisation can stay cyber-compliant, contact Weald Insurance Brokers Limited today.

Your Workers Are Sad—Here’s Why

Office Genie, a UK business support consultancy, surveyed office workers about their happiness in the workplace. Based upon the 200 surveyed employees, the average score was 3.63 out of 5. The five most commonly cited reasons for unhappiness were the following:

  1. Feeling overwhelmed

  2. Feeling a lack of control over current position

  3. Feeling unfulfilled

  4. Having a bad or poor relationship with management

  5. Having a poor working environment

The survey also found that 51 per cent of employees with mental health problems felt unsupported in the workplace. To ensure that all the employees at your organisation are happy, consider implementing these six simple practices:

  1. Award deserving employees a pay rise.

  2. Present the opportunity to earn bonuses.

  3. Offer flexible work hours.

  4. Provide employees with the choice to work from home.

  5. Permit a greater degree of privacy for your employees.

  6. Rearrange your office to have a more open concept.

Top Tips for Preparing Your Home for Summer

It pays to inspect your home for safety and efficiency before the summer season fully sets in. While you can complete some of these cleaning procedures yourself, other duties require professional help to ensure the work is completed accurately.

  1. Clean out your fridge, freezer and pantry. Take everything out, wipe down the shelves and throw away expired food. Rearrange your food for better organisation and cleanliness.

  2. Organise the garage. Seasonal items can quickly become dusty and disorganised when not in use. Keep your garage clean and organised by installing shelving and by hanging tools on the wall.

  3. Examine door and window insulation. Make sure weather stripping sufficiently seals openings, and immediately repair any cracks or peeling. Then, open your windows to expose your home to fresh air.

  4. Inspect your roof. The roof is your home’s first defence against heat and rain. Maintain the roof’s integrity by hiring a roofing professional to examine its flashing, caulking and shingles.

  5. Sort your wardrobe closet. The winter months may have left your summer clothes buried and wrinkly. Use this time to rotate seasonal clothing, clean any dusty items and select old clothes for donation.

  6. Maintain your garden. Rip out weeds and dead plants, rake mulch and plant beds to promote oxygenation. Then, use a lopper to trim shrubbery and overhanging trees.

Directors & Officers Liability for Higher Health a

In February 2016, the new guidelines from the Sentencing Council came into force. These amendments dramatically increased fines for corporate manslaughter, food safety and hygiene offences, and health and safety offences. Within the first year, the number of health and safety prosecutions against directors and officers has tripled. What’s more, the value of the 20 highest fines in 2016 totalled £38.5 million, which was just slightly more than all 660 successful prosecutions in 2015-16. Research from law firm BLM shows that there has been a 148 per cent rise in the overall amount of fines since 2015, with the average fine amount rising from £69,000 to £211,000.

These new guidelines place a much higher burden on directors and senior managers to ensure that their organisation is compliant with health and safety regulations. If they do not rise to meet this responsibility, the average health and safety fine is £75,000 more than the cost of compliance, according to health and safety consultants, Arinite. Yet, steep fines are not the only deterrent for noncompliance, as it has become increasingly likely that directors and officers could go to prison for either intentional breaches or a flagrant disregard of their responsibilities. In 2016, 34 company directors and senior managers were prosecuted and found guilty, resulting in 12 prison sentences.

To help your organisation avoid these potentially debilitating fines, consider the following best practices:

  • Have a health and safety professional conduct a health and safety review of your premises and policies.

  • Provide annual comprehensive safe work practices training for all your employees.

However, the most beneficial practice that your organisation can invest in is to purchase robust directors and officers (D&O) cover that also provides run-off cover. For more information, contact the professionals at Weald Insurance Brokers Limited today.
