GDPR - Top 5 things to consider

Author: Nav Hir, Test Manager, GDPR Consultant

“Access, Rectification, Deletion, Portability”

The General Data Protection Regulation comes into force on 25th May 2018. All companies must ensure they meet the GDPR requirements before then. The following steps provide guidance on how to prepare for the GDPR:

1 Assess current systems, policies and procedures by carrying out a Data Protection Impact Assessment. This will give an overview of the business analysis.

Document what kind of data is held, where it is stored and how it is protected. What kind of software and technology is in place to protect data?
Review the current data-related policies and procedures, including on-boarding, encryption, remote access, mobile devices, sensitive information, HR exit procedures, third parties and data breach notifications.

2. Identify risks and gaps that need to be plugged to meet the GDPR requirements. This will result in a gap analysis overview.Are the current systems, policies and procedures adequate to protect data? Are there any risks of data breaches? Present recommendations

Evaluate third-party data security companies and tools if there is a need.
Individuals’ rights – are there systems in place to transfer personal data to other companies and to delete personal data if requested?
Are requests for permission to use customers’ personal data clear on the purpose and period of time?

3. Identify solutions and create a timeline to implement them

Research suitable solutions for any identified risks or gaps.
Solutions must be implemented before the GDPR comes into force.

4. Designate a Data Protection Officer/GDPR Consultant

A DPO/GDPR Consultant can be appointed if mandatory for the business or an internal lead contact person can be appointed for data protection plus communicate with the Data Protection Authority if required.
The DPO/GDPR Consultant should communicate with senior management to discuss data protection strategies and for approval as well as communicating the roadmap to compliance.

5. Staff training and awareness

Ensure that staff are aware of the importance of data protection and any new/amended processes to comply with the GDPR.
Ensure internal teams communicate with each other to maintain data protection, such as IT, Security, Legal, Compliance, Finance and HR teams.

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

JOIN US

IT Consulting Services as a Group!

AI in Consulting: The Study

Inside Polar Cape: Vera Grgurichin Najdoska, Senior .Net Developer

Exploring Large Language Models (LLMs): Building Q&A Chatbots Using the RAG Method

The Story of BizLab Analytics: Advanced AI Services for Stores and Media

locate us

Follow us