GDPR (General Data Protection Regulation) will call into question the way companies process and handle data. By 25 May 2018 both European companies and government bodies are expected to act in accordance with GDPR. That means any company holding data relating to EU citizens, whether personal information, credit card numbers or just photographs, shall be subject to GDPR.
Through the enactment of this new regulation, the EU sent a message of crucial importance: that it is concerned about its citizens' privacy and data protection.
By adopting such processes it will be possible to identify and fix problems at the early stages of a project, thus reducing the associated costs and the damages that may arise from a breach of law or a violation of data protection regulations. GDPR can thus become a competitive factor. The pillars of the new regulation are the DPO (Data Protection Officer) and the records of processing activities.
How to meet the requirements of the new regulation in 5 steps:
1 Don’t disregard the GDPR.
2 Nominate a Data Protection Officer.
Not just companies operating at EU level, but also non-European ones processing data related to the EU, should nominate a Data Protection Officer.
3 Demonstrate an attitude of responsibility.
4 GDPR doesn’t mean security only,
5 Prepare for possible actions from the subjects concerned.
If a company is not yet able to deal with a data breach or with subjects exercising their rights, falling into line with the new legislation is urgently recommended.
Text by Antonella Alberio, Consultant Reti S.p.A.