The General Data Protection Regulation (GDPR), a groundbreaking change in data protection, will most likely become the global standard for data protection regulations. The regulation was approved on April 14th 2016 and was finally implemented on May 25th 2018. Its two most important areas are Accountability and Enforcement.

Accountability: The GDPR demands that the controller be responsible for ensuring that privacy principles are observed. The GDPR also requires that your organization can show compliance with all principles.

Enforcement: Data Protection Authorities (DPAs) in member states have the main task of monitoring the application of the Regulation. They must enforce it with substantial penalties if organizations fail to demonstrate compliance with the GDPR accountability principle.

Many other industries will have to deal with these regulations. Organizations within the GDPR's scope need to take action quickly, before the enforcement date of May 25th 2018. They can hire an expert with GDPR certification to handle these issues.

The Regulation applies to all data processors and controllers in the EU, as well as companies that process personal data of EU citizens.
Get buy-in from key business stakeholders
Your GDPR readiness team
Assess and identify relevant business functions
Identify and assess Third Party Processing activities
Establish a central Personal Data Register
Distribute current Data Protection policies and Privacy Notices
Educate the internal Data Processors and Data Handlers
PHASE II: Operate