GTS users will benefit from a package of product enhancements to meet the challenges of new GDPR legislation, to be announced at October client conference
The European Union’s ambitious General Data Protection Regulation (GDPR) will come into force in under 12 months on 25th May 2018 and UK firms will be required to comply from the outset, regardless of Brexit. Failure to comply could result in fines of up to £20m, or 4% of annual global turnover, so businesses need to be assessing how they are going to respond to this new requirement ahead of it taking effect.
IMX Software is experienced at helping clients comply with regulatory requirements around the world and will be announcing a programme of GDPR-led product changes to be available later in 2017, in time for implementation before the deadline. Full technical and commercial details will be announced at our client conference in London on 10th October.
Most Money Service Business (MSB) processes involve collecting customer data, and even if this is solely for regulatory purposes it still falls within the scope of GDPR. Among other items, the GDPR includes comprehensive rights for individuals which will require pro-active management of client data by the MSB, potentially over several years, including the right to be informed, right of access, right to erasure, right to restrict processing and a right to object.
Bill Tickner, IMX Software CEO said: ‘Many MSBs will be considering if they need an information audit to assess existing processing policies, such as retention periods, and how the individual’s rights, such as for deletion of personal data or providing the data electronically, will be managed. It is likely that new data handling policies and processes will be required by the MSB to ensure compliance with GDPR and we aim to assist our customers to meet this new regulatory obligation prior to the deadline.’
Other key considerations include how customer consent will be obtained for the capture, storage and usage of their data, as well as clarifying the legal basis for holding and processing the data. Staff training is expected to be a key area for action as front line staff will need new tools to address customers’ questions as they gain more understanding of their individual rights.
In addition to the package of GTS product changes, IMX will also be teaming up with an external, independent consultant to make available a GDPR assessment that will provide a health check on key aspects of the legislation and provide management with a recommended action plan to ensure compliance. More details will follow on this GDPR assessment service shortly.
Please contact us at GDPR@imxsoftware.com for more details.
For further information on GDPR, the Information Commissioner’s Office has published a useful guide to the steps a business needs to be taking, available at https://ico.org.uk/media/for-organisations/documents/1624219/preparing-for-the-gdpr-12-steps.pdf