The EU General Data Protection Regulation (GDPR) legislation is now in place and organizations doing business in the EU have until May 25th 2018 to be compliant – or face hefty penalties. With about 7 months left of the transition period, what does this mean to your organization? What do you need to do to prove compliance?
Overview of GDPR (General Data Privacy Regulation)
What is GDPR?
- Increased responsibility and accountability for those processing personal data – through data protection risk assessments, data protection officer, and the principles of ‘data protection by design’ and ‘data protection by default’
- Obtain consent. It must be obtained by means of a clear affirmative action
- Data Training, employees to be trained, aware of data privacy processes, protection and security polices
- Right to be forgotten. When the individual no longer wants their data to be processed and there are no legitimate grounds for retaining it, the data will be deleted
- Data transfer/Information security: right to transfer personal data from one service provider to another
- Documented data flows: maintain audit trails to show GDPR compliance
- Businesses and organizations will need to inform individuals and supervisory bodies about data breaches
7 questions you should ask yourself ?
- At what stage is my company prepared for GDPR?
- Did my organization perform Privacy Risk/Impact Assessments (PIA)?
- Does my organization have a clear overview which and where personal data is stored and processed?
- Do my employees know what to do in case of a data breach incident?
- Is there a Data (Privacy/Protection) Officer appointed?
- Are my suppliers compliant with GDPR requirements?
- Are personal data deleted or anonymized when no longer needed for identification?
How can we help?
- Quick Maturity Assessment (Gap analysis)
- Tailored approach:
- Awareness program
- Current State Assessment & identification of gaps
- Privacy Risk Assessments
- Define Roadmap and Implementation Plan
- Project Management of GDPR Implementation
- Vendor/supplier GDPR contract compliance review
- Advisory and QA on GDPR Implementation
- Providing additional resources to strengthen your current GDPR project team
You want to know more about RGP GDPR expertise:
+32 2 290 22 50
or fill in the request form: