• Denrique Davis

GDPR: What is GDPR and how to prepare

What is GDPR?

The General Data Protection Regulation (GDPR) was adopted by the European Parliament in April 2016. These new provisions apply set out a baseline set of standards for companies that handle EU citizens’ data to better safeguard the processing and movement of citizens’ personal data across borders.

The GDPR will apply to all EU member states and to organisations outside the union when processing the data of citizens from within the EU, so there is a good chance it applies to your organisation aswell.

The key requirements laid out by the GDPR include

  • ​Anonymising collected data to protect privacy

  • Providing data breach notifications

  • Requiring the consent of subjects for data processing

  • Safely handling the transfer of data across borders

  • Requiring certain companies to appoint a data protection officer to oversee GDPR compliance

Getting prepared

Organisations preparing for GDPR will find that their process needs to change. In companies where the IT department is still largely independent of other departments, it will now need to integrate and collaborate closer with other departments to ensure the security of shared data and compliance.

Organisations whose IT departments currently communicate with other the departments will need to continue in order to comply with new legislation.

It is recommended that organisations start by prioritising actions to prepare for the impending requirements start by:

  • Appointing roles dedicated specifically to data protection

  • One individual to act as a contact point for the Data Protection Authority (DPA) and data subjects and a data protection officer (DPO) to ensure processing operations are compliant.

  • Demonstrating accountability for all processing activities transparently, check how data flows across different borders both within the EU and outside it. Who are the controllers for example.

  • Preparing for data subjects to exercise their extended rights, in areas such as the right to be forgotten, removed from all servers completely and the right to be informed of a data breach.

Don’t wait until it’s too late

GDPR legislation due to be implemented in 2018 will be far-reaching consequences especially for IT departments. In order to properly prepare for this, your budget will need to include the costs of those tools which will be needed to achieve compliance.

There is no better time than now to look at your current processes to determine where data exists, how it is being stored and whom is being tasked with your asset data sanitisation, storage and disposal For additional information on the GDPR Legislation head to the ICO

#DataProtection #DataSanitisation #GDPR #AssetDisposal #GeneralDataProtectionRegulation #ICO #DataSecurity

Advance Services & Solutions
Advance Services & Solutions

Advance Services 

Key House

Cow Lane




E: enquiries@advance-services.co.uk

P: + 44 (0)118 950 0022 (Option 1)

  • Advance Services Facebook
  • LinkedIn - White Circle

© Advance Services & Solutions Limited 2017. All rights reserved