We are here to help
GDPR is coming May 25th, 2018 and you are in the process of updating your documents and processes to meet the new requirements of the regulation. This works requires working across various teams and throughout the whole hierarchy, because it requires that everybody within the organization understands what needs to be done and develops the proper habits so that data can be managed appropriately. Because this is such a change, and because a lot of it is culture change, getting help from an outside organization makes a lot of sense. We are here to fulfill that role.
|
Data protection regulation
The Global Data Protection Regulation (GDPR) was voted in April 2016 and will become effective on May 25th, 2018. The regulation goal is to level the playing field for companies, as part of a larger goal to build a Single Digital Market.
More specifically, the GDPR requires that companies that manage personal data from European citizens:
Fines for non-compliance can be up to 4% of the company consolidated revenue worldwide.
More specifically, the GDPR requires that companies that manage personal data from European citizens:
- Maintain a register of all data processing,
- Appoint a DPO,
- Implement the proper training and processes for their employees to guarantee proper and secure handling of personal data,
- Carry out privacy impact assessments,
- Document the legal basis for data processing, including collecting informed consent from Data Subjects as needed,
- Provide information and access so that Data Subjects can exercise their rights,
- Provide data portability so that users can switch service providers,
- Control data exports through Binding Corporate Rules, or standard contractual clauses,
- Notify the Data Protection Authority within 72 hours in case of a data breach.
Fines for non-compliance can be up to 4% of the company consolidated revenue worldwide.