The countdown to the new millennium heard of horror stories predicted for planes falling out of the sky for failing to deal with the looming date of 31st December 1999. Working in a bank all night I witnessed the world transit through the different time zones, following the dawn.

By the time we in the UK were in the early hours of the New Year we realised that actually the world probably wasn’t going to end and that everything would be alright. The point here is that the seamless transition was due to preparation, and lots of it.

With now less than 470 days to go until the EU General Data Protection Regulation (“GDPR”) becomes enforceable in the UK, the so-called “GDPR D-Day” will be on May 25th 2018. A major shake-up of data protection rights for individuals, GDPR introduces several new aspects of responsibility for businesses to remain compliant, with the intention for the Channel Islands to enforce its own updated legislation at around the same time.

The Office of the Information Commissioner has published a document to help organisations understand where they may need to start focusing their efforts. “Preparing for GDPR Your Next Steps” is easy to understand and freely available to download.

The way in which personal data will need to be processed, protected, documented, shared and updated will all come under additional scrutiny, with the penalties for infringement being much steeper – as much as 20 million euros or up to 4% of global annual turnover, truly mind-boggling numbers. For some context The Inquirer reported in November 2016 that under GDPR the recent hacking incident of Tesco Bank would have cost Tesco £1.9bn in fines!

The impact of GDPR will be significant, I strongly recommend you start your preparation now in order to maintain business advantage.