General Data Protection Regulation (GDPR)

Obtain best practice advice on how to implement your GDPR compliance programme.

What is the GDPR?

The EU General Data Protection Regulation (GDPR) sets a minimum standard for data protection in the EU, and it is the most important change in data privacy regulation in 20 years.

The objectives of the GDPR are both to protect the rights and privacy of people in the EU and to facilitate the free movement of data throughout the EU.

Some of the key aspects of the regulation include:
– Obtaining unambiguous consent to process the data
– Anonymising collected data to protect privacy
– Providing privacy breach notifications
– Safely handling the transfer of data across borders
– Requiring some companies to appoint a Data Protection Officer to oversee GDPR compliance

The GDPR came into force on 25th May 2018, and it applies to all companies that handle EU citizens’ data. Failure to achieve compliance is now subject to stiff penalties and fines that can go up to 4% of annual global turnover or €20 million.

Your 4-step plan to comply with the GDPR

1. Conduct a Data Audit

The first step in achieving GDPR compliance is to conduct a thorough data audit. This will help you identify what data you hold, where it is stored, who has access to it, and how it is being processed. This information will be crucial in helping you understand the risks associated with your data processing activities and in developing a compliance plan.

2. Develop a Compliance Plan

Once you have identified your data processing activities, the next step is to develop a compliance plan. This plan should outline the steps you need to take to ensure that you are compliant with the GDPR. It should include policies and procedures for data protection, employee training, data breach notification, and data subject requests.

3. Implement the Compliance Plan

The third step is to implement the compliance plan. This will involve putting in place the policies and procedures that you have developed, training your employees on the GDPR, and ensuring that all data processing activities are carried out in accordance with the GDPR.

4. Monitor and Review

The final step is to monitor and review your GDPR compliance on an ongoing basis. This will involve regularly reviewing your policies and procedures to ensure that they remain up to date and effective, and monitoring your data processing activities to identify any areas of non-compliance.

Your advisor is ready to help now.
