We look at how organisations can prepare for the General Data Protection Regulation.

On 28 May 2018, the EU’s ambitious General Data Protection Regulation (GDPR) comes into force, with the aim of strengthening data privacy and protection for all EU citizens.

The regulation puts individuals firmly back in charge of their personal information and what happens to it. From sole traders working at home to giant multinational corporations, no one (except law enforcement and intelligence agencies) is exempt. But how well-prepared is the UK?

There needs to be a concerted effort to raise GDPR awareness among the general business community, and especially SMEs.

The regulation places significant new strictures upon organisations, including having to:

  1. Build privacy into systems by design (and switched on by default);
  2. Conduct regular privacy impact assessments and implement stronger consent mechanisms (particularly when processing data pertaining to minors);
  3. Follow stricter procedures for reporting data breaches;
  4. Document any use of personal data in far more detail than previously.

Organisations failing to comply could face fines of up to €20m or 4% of annual turnover (whichever is greater).

Read the entire article: GDPR: A quick start guide | Computer Weekly
