GDPR or General Data Protection Regulation is the primary law regulating the companies on how to protect the personal data of European citizens. The European Parliament and Council passed it back in April 2016 and it will be replacing Data Protection Directive 95/46/ec in spring 2018. It is mandatory for the companies that are already in compliance with the Directive to comply with the new privacy law by May 2018 to avoid stiff penalties and fines in case they fail to do so. (Lord, 2018)
GDPR mostly is related to processes and agreements that are not very easy to comprehend. As it is quite lengthy and complicated, most organizations and individuals will find the clauses and how their interpretation is done in courts incomprehensible. (Ihalainen, 2016) To come in terms with the new law, whether you are benefitting from the EU or not, following PRACTICAL tips are going to give you and your business a competitive edge. (Ihalainen, 2016)
My practical tips for GDPR compliance
- You should conduct information audit of your organization or company. Where is the data that is collected and where is it stored? Who has the right to its access and what kind of security measures are in place to protect your data? (Snell, 2017)
- Your employees should be well prepared to welcome the new changes, as they are the first hand users and manipulators of the personal data. They should be aware of the possible changes and their impact on the business and consequent penalties in case of non-compliance with the new regulation. (Snell, 2017) Senior management should be fully vigilant and form cross-functional teams to tackle this new situation.
- You should be ready to review your privacy policies and statements and revise them in accordance with the changing policies dictated by the GDPR. (Snell, 2017)
- Your documentation should be revised in compliance with the changing regulations and they should provide comprehensive guidance to the end users who want to know about the kind of information we have about them. (Snell, 2017)
- Any technology you are using makes you liable to comply with the GDPR and you will need to make changes to your system for the purpose. Your suppliers should be informed on the requirements of the new law and what you want them to do. (Snell, 2017)
- The Information Commissioner’s Office and Article 29 Working Party are ready to advice and guide you on how to interpret and implement various clauses of the new law. You should remain alert to any new updates in this regard. (Snell, 2017)
- You should be careful, as there are malicious entities that are going to try and manipulate you by providing you with fake certifications for GDPR certifications. (Snell, 2017)
GDPR is a step towards more secured personal data that can ensure security of yours and your company’s data. It is imperative that you are well familiar with the GDPR as soon as possible for the sake of your business. Not only this, it is necessary for you to adhere to the newly changing laws so that you can conceal true identity of your client by using a universal identifier like NHS number on documents instead of the client’s name. (Bond, 2017)
Bibliography
- Bond, B. (2017, December 11). GDPR: A Practical Perspective. Retrieved February 13, 2018, from Write Upp: http://www.writeupp.com/blog/gdpr-a-practical-perspective/
- Ihalainen, P. (2016, May 09). GDPR – Practical Tips Towards Compliance. Retrieved February 13, 2018, from GlobalSign: https://www.globalsign.com/en/blog/gdpr-tips-towards-it-compliance/
- Lord, N. (2018, January 15). WHAT IS GDPR (GENERAL DATA PROTECTION REGULATION)? UNDERSTANDING AND COMPLYING WITH GDPR DATA PROTECTION REQUIREMENTS. Retrieved February 13, 2018, from DIGITALGUARDIAN: https://digitalguardian.com/blog/what-gdpr-general-data-protection-regulation-understanding-and-complying-gdpr-data-protection
- Snell, P. (2017, July 31). GDPR: 8 things you need to do right now. Retrieved February 13, 2018, from B2B Marketinng: https://www.b2bmarketing.net/en-gb/resources/blog/gdpr-8-things-you-need-do-right-now
Leave a Reply
You must be logged in to post a comment.