GDPR2DSM – Data Protection for SMEs

GDPR2DSM – Data Protection for SMEs

We provide smaller businesses with information and tools to bring their data security practices in line with the General Data Protection Regulation.

Surveys and witnessed practices have revealed that in Finland and Europe at large, many small and medium-sized businesses still require additional information and support in enhancing their data protection.

This project, a collaboration between TIEKE and the Finnish Office of the Data Protection Ombudsman, armed SMEs with the knowledge and tools to reach a data protection standard set by the European Union General Data Protection Regulation.

How we did it

The project commenced in 2021 with launching an extensive survey for SMEs exploring their knowledge and ability to maintain GDPR standards.

The results of the survey stage were utilised as a baseline for collaborative GDPR practice development with SMEs.

The outcome of the development process is a toolkit for SMEs that they can easily employ to enhance their data privacy practices.

The benefits of improving SME GDPR standards

In addition to better data safety of employees, customers and collaborative partners, the project had a wider scope.

Appropriate data protection practices build better trust to do business, in both B2B and B2C sectors. Our project provides the smaller company with better opportunities to reach digital and international markets, especially the European Single Market.

The DSM in GDPRDSM stands for the European Digital Single Market. Fundamentally, developing the DSM requires removing obstacles to online business on the national level.

Piloting in Finland, the tools and practices devised can smoothly be applied to data privacy work elsewhere in the EU.

Data protection tool incorporated into a larger databank of materials  

The data protection self-assessment tool has been published on a website that includes, in addition to the tool, other materials intended for the use of small- and medium-sized companies.

The tool has also been translated into Swedish and English, which means that it can be used in other EU Member States, too.

Data protection self-assessment released as open source

The source code and contents of the Data protection tool have been published for free use on GitHub. The tool can be used, for example, to further develop a business- or industry-specific data protection tool or to produce new language versions. The license allows source code to be utilized in commercial applications as well.

The content of this page represents the views of the author only and is his/her sole responsibility. The European Commission does not accept any responsibility for use that may be made of the information it contains.