General Data Protection Regulation (GDPR)

The General Data Protection Regulation otherwise known as (GDPR) will come into force on the 25th May 2018. GDPR is coming! Whether your business is ready or not. Small or large, your business will be affected by this change in the law.

It sounds and is scary at many levels, but it is also a huge opportunity for businesses to audit, review and improve the way your business handles data and this is a real benefit for your customers if you get it right.

There is no need to panic! However, you do need to get started soon, as the clock is ticking. Many of the GDPR central concepts and principles remain the same as those in the current Data Protection Act (DPA). So the good news is if you are already compliant you are starting from a strong foundation.

The take-home message in regards to GDPR is to have a plan!

Your business needs an audit plan for GDPR, providing a GDPR summary that you can then use to ensure that you work towards company-wide GDPR compliance. One person working in isolation on GDPR within your organisation is highly likely to fail. Multi-Disciplinary teams from Legal, IT, HR, for example, all need to collaborate. It is a mistake to assume that GDPR is just an IT or HR issue. Buy-in from a senior level within your organisation is also critical, to ensure that this is a boardroom level agenda and the audit plan is implemented.

Will your business be affected by the GDPR?

If your systems collect any personal information internally or externally, e.g. name, date of birth, financial, medical, educational or employment you will need to be GDPR compliant by 25th May 2018.

The GDPR apply to how you store and process data and extends to how you manage, audit, retrieve and remove data not just in the UK but globally. Having an audit plan is an essential tool which we can help you put in place.


How can Magma help?

Magma has 19 years experience in developing bespoke software systems and improving legacy software systems. We have worked with organisations across diverse sectors to help them increase the security around sensitive data, achieve data security compliance and enhance system performance.


Tailored GDRP Audit and Consultancy

Our consultancy service will ensure your organisation meets its obligations under the GRPR by:

  • Auditing, assessing and technically reviewing code
  • Migrating data and implementing system changes
  • Providing an audit plan and implementation plan
  • Ensuring your organisation’s compliance is sustainable as your systems and processes develop to meet your business and clients’ needs


The GDPR is a game changer for all organisations regardless of size, the penalties for breach are substantial. Systemic changes for your company will be resource intensive and time-consuming therefore you need to act now to find out where your data is held, how secure it is and whether you are going to be able to meet your compliance obligations. We can work with you onsite or remotely, we can support your Data Protection Officer and help you audit and improve your data security, data protection and help you avoid a data protection breach.


To find out more about how we can ensure you are GDPR compliant call us on 0845 241 6460 or email