Every company sends email. Business operates on email and without email we would just not be able to survive! However email is the most frequent source of GDPR data breaches. Just this week a school accidentally sent a payment demand that was aimed at one parent to the whole school.
This simple administrative error is an example of a data breach that would need to be reported to the ICO and the school may face investigation and action. Their only chance of escape is if the school has completed all their GDPR work, trained their staff, and taken all reasonable precautions to avoid this sort of error.
So, have you completed your GDPR? Have you trained your staff? Can you prove that you have taken precautions to avoid email errors?
Answer honestly now.
If you need help or advice feel free to call anytime.
Good luck all.