GDPR - is your organisation ready?

Posted on 21/05/2018


This week heralds the implementation of the General Data Protection Regulation (GDPR), which has been one of the most talked about pieces of legislation in recent years because it affects everyone from organisations to the consumers or employees whose data they are processing.

What is the GDPR? 


The GDPR was introduced to unify all EU member states' approaches to data regulation, ensuring all data protection laws are applied identically in every country within the EU. It will protect EU citizens from organisations using their data irresponsibly and put them in charge of what information is shared, and where and how it's shared.

Complying with GDPR is vital. Any business found not sticking to the rules could be charged fines of up to €20 million or 4% of the company's global annual turnover, though the toughest fines will be reserved for the worst data breaches or data abuse.

Where is your organisation on its route to GDPR compliance?  

 
Whether you are well down the compliance route or starting to think about it, it is essential you prepare.


Organisations need to start by understanding what data they acquire, hold and process and the legal basis for that. Privacy needs to be designed into systems and processes and respect for data subject rights needs to be stepped up.

Policies and procedures for handling any security breaches need to be in place. At its heart, however, data protection is about the same issues - understanding what data you hold and why.

How can Exova BM TRADA experts help on your journey to GDPR compliance? 


There are a number of routes to demonstrate compliance including:

GDPR Audits - we offer an on-site audit of your current processes which can help to highlight what you need to do, and how, to aid compliance with the GDPR. We offer training and consultancy too.

Personal Information Management System Training - we offer a one-day awareness training course aimed at all those in the organisation who process personal information of employees, from sales, HR, finance and operations.

Adopting ISO 27001:2013 will provide your organisation with a framework for creating an information security management system which identifies the real risks your business faces and ensures that you have the controls in place to mitigate and manage those risks.

To discover more about our services, visit our website or contact an Exova BM TRADA expert. Please email us or call us on +44 1 494 569745.
