Data makes the world go around. Certainly the modern business world.
So much so that it’s virtually impossible for a company to operate at its full profitability without a coherent data strategy.
In today’s busy connected landscape, personal data is being collected from every direction and stored at an incredible rate.
The websites you use, the calls you make, the places you visit, even the photos you take – they are all being recorded and measured, leaving a digital footprint.
A footprint that is fast becoming a valuable resource for all businesses.
The introduction of the General Data Protection Regulation (GDPR) three years ago brought a legal obligation on businesses to ensure they are collecting, storing, using and deleting personal data in the right way.
As a reminder of the basics, here are the top 10 compliance tips to ensure you stay GDPR compliant:
1) Document the “Personal Data” You Collect
Companies should document what type of personal data they collect, where it originated from and who they share it with.
2) Identify the Purpose of your Data Collection
3) Determine and Disclose How Data is Stored
All companies subject to the GDPR are required to disclose to individuals how they store the personal data collected.
4) Issue a Clear and Concise Privacy Notice
6) Obtain Consents and Permit Withdrawal
GDPR requires companies to secure specific consent from individuals regarding the collection, use and transfer of their personal data. It also provides them with an explicit right to withdraw such consent.
7) Deliver GDPR Training
Training is a critical component of any effective compliance program.
8) Prepare to Respond to Privacy Rights
Businesses should be prepared to respond to individuals who exercise rights, including the right to have their personal data deleted, corrected, and transferred, and the right to object to profiling.
9) Maintain Records of Compliance Efforts
Companies should maintain adequate records of their compliance efforts, including any updates to policies and procedures, logs of training delivered, investigations and reporting of data breaches.
10) Establish Data Breach Response Procedures
Companies should establish data breach response procedures to help detect, report and investigate data breaches.
Want to find out more about how we can help you with Data Management and GDPR Compliance? Get in touch today.