Are you up to speed? General Data Protection Regulation (25th May 2018)

source: Scott Robert
published: 8 January 2016

The General Data Protection Regulation (GDPR) is coming. It affects every organisation that handles data. There’s lots to do and you’ll need to act quickly if you want to be prepared.

To be ready for GDPR you’ll need to:

• Review and amend your privacy policies and notices.
  
• Establish a system for managing and correcting the data you share with other organisations.
  
• Ensure you are able to comply with the new Subject Access obligations.
  
• Review your legal basis for processing data, and ensure your consent management is compliant.
  
• Understand the requirement for Privacy Impact Assessments, and data breach reporting, and be prepared to use them.
  
• Put in place policies, procedures and monitoring processes to manage your compliance.
  
• Consider the need to appoint a suitably qualified Data Protection Officer.
  
• Train your organisation so that it understands the new rules and obligations.
  

Privacy policies and notices

Under the GDPR you’ll need to explain your legal basis for processing data and how long you will retain the data for, and tell data subjects they have a right to complain to the Information Commissioners’ Office if they think there is something wrong.

The explanations that you give to data subjects must be easy to understand and concise.

Read More click here >

Other References:

1. The EU General Data Protection Regulation (GDPR) >
   
2. Get the brochure (Sunguard Services) here >
   
3. Re-consenting to marketing under GDPR? >
   
4. (Also see 'Lawfulness of processing' here >