
© Advance Services & Solutions Limited 2017. All rights reserved

GDPR: What is GDPR and how to prepare

July 28, 2017

 

What is GDPR?

 

The General Data Protection Regulation (GDPR) was adopted by the European Parliament in April 2016. These new provisions set out a baseline set of standards for companies that handle EU citizens’ data, to better safeguard the processing and movement of citizens’ personal data across borders.

 

The GDPR will apply to all EU member states and to organisations outside the union when processing the data of citizens from within the EU, so there is a good chance it applies to your organisation as well.


The key requirements laid out by the GDPR include:

  • Anonymising collected data to protect privacy

  • Providing data breach notifications

  • Requiring the consent of subjects for data processing

  • Safely handling the transfer of data across borders

  • Requiring certain companies to appoint a data protection officer to oversee GDPR compliance

 

 

Getting prepared

 

Organisations preparing for GDPR will find that their processes need to change. In companies where the IT department is still largely independent of other departments, it will now need to integrate and collaborate more closely with other departments to ensure the security of shared data and compliance.

 

Organisations whose IT departments currently communicate with the other departments will need to continue doing so in order to comply with the new legislation.

 

It is recommended that organisations prioritise actions to prepare for the impending requirements, starting by:

 

  • Appointing roles dedicated specifically to data protection

    • One individual to act as a contact point for the Data Protection Authority (DPA) and data subjects, and a data protection officer (DPO) to ensure processing operations are compliant.

 

  • Demonstrating accountability for all processing activities transparently: check how data flows across different borders, both within the EU and outside it, and who the controllers are, for example.

 

  • Preparing for data subjects to exercise their extended rights, in areas such as the right to be forgotten (removed from all servers completely) and the right to be informed of a data breach.

 

Don’t wait until it’s too late

 

The GDPR legislation due to be implemented in 2018 will have far-reaching consequences, especially for IT departments. In order to properly prepare for this, your budget will need to include the costs of the tools needed to achieve compliance.

 

There is no better time than now to look at your current processes to determine where data exists, how it is being stored and who is being tasked with your asset data sanitisation, storage and disposal. For additional information on the GDPR legislation, head to the ICO.
