General Data Protection Regulation

The European Union’s General Data Protection Regulation (GDPR) is a regulation concerning the data protection rights of individuals. It came into effect on the 25^th of May 2018 and is enforceable to any organisation globally that holds information relating to EU citizens.

The GDPR addresses organisations policies and procedures relating to personal data of individuals, which will greatly impact how this data is collected and managed. It will introduce obligations in relation to data accountability and transparency, as well as providing individuals with stronger rights regarding their personal data.

Outlined below are the main areas of change that will be introduced through the GDPR:

The GDPR provides strict policies on data transparency

Users must be clearly notified of any personal data collection
Consent for data collection must be explicit
Policies regarding personal data collection, retention and deletion must be clear and transparent
Obligation of honesty with users about how their personal data is being used and processed

The GDPR provides users with new personal privacy rights

The right to be forgotten (organisations must delete all personal data relating to the user upon request)
The right to access to their personal data at any time
The right to data minimisation (giving only the minimum personal data required)
The right to object to personal data processing

The GDPR outlines new policies on data breach notifications

In the event of a data breach, organisations have 72 hours to report the breach to a local data protection authority
This includes determining the extent of the breach and notifying affected users
Notification is not required if the data breach is unlikely to result in a risk for the rights and freedoms of users

The GDPR provisions promote accountability and governance

Organisations must employ a Data Protection Officer (if required)
Employees must be trained on data privacy policies to ensure personal data protection at all times
Policies on data processing must be audited and updated
Data protection impact assessments must be used where appropriate

How can Tecnica help your business?

GDPR is here, and your business needs to be prepared.

At Tecnica we can help you adjust to the changes GDPR has brought, with trained specialists on hand to help ensure full GDPR compliance. Our experts assess your current data management and devise a strategic data management plan taking into account all of the policies and restrictions GDPR has introduced.

We leverage extensive in-house knowledge of content management systems, cyber security, and risk management implementing policies and procedures to ensure your customer data integrity. Furthermore we can train your staff on data security policies, helping reduce the risk of insider threats to data by performing spot checks to increase observation and awareness.

The consequences of non-compliance can be severe, but with assistance from Tecnica your business can be fully confident moving forward.

For more information on what the General Data Protection Regulation will mean for your business, visit www.gdpr-info.eu.

Is your business prepared for the General Data Protection Regulation? Our IT specialists fully secure your data, consistently deterring breaches and assisting you in your journey to GDPR compliancy. To find out more please contact us.

General Data Protection Regulation

Useful Links

Services

Contact Us