SMEs shouldn't be panicking about GDPR but it's high time they got their ducks in a row to prove to regulators that they have a plan in place.

That was among several key messages BusinessCloud heard from a range of businesses and experts at our 'GDPR - are you ready?' breakfast event and live webinar earlier this month.

Sean Crotty (pictured below), partner at law firm Weightmans, urged businesses to remember that it's not just data from a marketing point of view that they need to worry about.

"They must also be wary of employee data, internal data and every type of personal data," he said.

"You need to ensure that all the data you keep is measured and mapped. You also need to think about what data you hold, why you have it and how long you’re keeping it for. You need to start getting your ducks in a row.

Sean Crotty

"If you comply with the data protection act (DPA) as is, chances are that GDPR will be a refinement as opposed to a big bang, but you should be looking at it now and be getting ready. There's no reason to panic."

Elizabeth Clark (pictured below, left), co-founder and CEO of DreamAgility, echoed a similar sentiment.

"Just don’t panic," she said. "I think there's a lot of people scaremongering at the minute but all you need is a common sense approach.

"Any business has to be respectful of people's data. If you’ve got stuff lying around and a lot of people have access to it then you’re going to be in trouble.

"We've made sure that when we put our systems in place that they’re as secure as they can be. Everything is safe in our systems and we’ve very careful about who has access to those systems and what they can do in them, so that's a good starting point."

Dan Burton

Daniel Burton (pictured above), chief executive of Manchester-based Wondrwall, believes companies that take people's data without giving them something valuable in return will be the ones most impacted by GDPR.

"Keep data secure but also make people aware about what you're doing with their data," he said.

"My view is that if you’ve got a good reason to collect data then actually that’s going to make you a much stronger business than somebody that’s collecting data that doesn’t have a good reason, because they’re the ones that are going to fall over.

"As a company GDPR doesn’t worry me because we have a good reason for collecting people's data. The people it's really going to hurt are the ones that are taking data and not giving a benefit back to consumers."

The breakfast event and live webinar also heard from Cascade HR's Mark Shaw; Kathy Fleming, compliance manager at The Lead Agency; UKFast's head of legal Nicola Frost; Liz Ashall-Payne, founder and CEO of ORCHA; Helliwell Media owner and former journalist David Helliwell; Edward Whittingham, managing director of The BFPP; Hiring Hub CTO Anna Dick; Martin Knapp, CEO of S-IA; Kristina McGuirk, marketing director at UKFast; and Chris Hunter, creative director at HM Network.