Search Our Site

We have 3,719,730 registered online learners.
385 new learners so far today.

GDPR: 4 ways your business should be preparing

schedule 5th October 2017 by Alex Bateman in Virtual College Last updated on 24th April 2018

Computer and notepad in business environment

As of May 25th 2018, businesses and organisations in the UK will have to comply with the General Data Protection Regulation (GDPR), so how can they prepare for these changes?

Earlier this year, the European parliament approved the General Data Protection Regulation (GDPR). This will mean that every country within the European Union (EU) will have to be compliant - including the UK. While Britain has negotiated a number of exceptions to the GDPR, businesses in the country must still prepare for the upcoming regulations that will take effect as of May 25th 2018.

With less than a year before companies will have to enforce the GDPR, it is crucial that they start preparing now, using the remaining months to check whether their current data processing and data protection policies are compliant with the upcoming regulation.

Businesses must be aware of several key changes between the current Data Protection Act 1998 and the GDPR. Here we take a look at four ways your business can prepare for the new regulation, to avoid any potential damage once the GDPR is enforced.

1. Check your current policies and guidelines

It would be useful for any business to check their current policies and guidelines surrounding data protection, specifically the legal basis in which you use personal data. While currently you may not need the approval of a person to store data on them, this may change as of next year.

If you need the individual’s approval to store this information and you don’t have their consent, this could cause problems for your business. If you do have their consent, you must ensure that the information regarding the process is clear and understandable. The GDPR states that all information must be offered in clear and simple language.

2. Prepare guidelines for violations

Should your business experience any privacy violations, you must be prepared to deal with them. You can do this by setting clear guidelines and providing employees with a procedure to follow so that data breaches are responded to quickly and effectively.

In addition to this, you should also establish a framework for accountability so that you have a clear policy that proves you meet the necessary GDPR standards. By creating a safe culture of monitoring, inspection and judgement, and processing procedures, your business will be safe from data breaches.

3. Consider data rights

Put yourself in the shoes of your customers, clients or any individuals that may demand their rights under the GDPR. With the new regulation they have the right to be forgotten, have data deleted and have data moved elsewhere.

This means that if you’re storing data, you must check the legalities for storing personal information under GDPR. If you are a data provider, there are some obligations that you must understand and integrate into your policies, procedures and contracts. The documentation you have may already be sufficient, but if not, consider the additional costs of the services caused by the new rules.

4. Understand cross-border transfers

Businesses must understand cross-border transfers, as a failure to do this under the GDPR could cost your company big time, resulting in a fine of four per cent of the business's’ global turnover.

Your company must ensure that all international data transfers (including intra-group transfers) have a legal basis to transfer personal data in a country that may not have sufficient data protection regulations.

If you think your business could do with an introduction to the GDPR then sign up to our free online GDPR overview today.

Related resources

Alex Bateman - Virtual College

Author: Alex Bateman

Alex is interested in the strategic application of learning and development. In particular how organisations can promote engagement with ongoing learning campaigns. He spends his spare time renovating his Victorian house. Ask him about his floors, I dare you.

ISO 9001:2015
Crown Commercial Service Supplier
LPI Accredited Learning Technologies Provider


+44 (0)1943 605 976

Virtual College

Marsel House


West Yorkshire

LS29 8DD

Awards for footer
Gold and silver award winners at the Learning Technologies Awards 2017 - including gold for excellence in the design of learning content.


We are in the process of moving to one Virtual College website. If you want to go back to a course, or start a course, bought from our old website then you may need to login to our original learning management system. Otherwise, please proceed to our new learning management system to return to your training.


You are already logged in. Click the button below to be taken to your LMS dashboard. Alternatively, click logout to leave the system.