With just three months to go until GDPR takes effect, the majority of changes should now be fully implemented within your business. Here’s some advice from our Data Protection Officer and Chief Information Security Officer, Steve Sands, on what your organisation should be considering in the run up to May, when the regulation will be enforced.
2. REVIEW, UPDATE AND COMMUNICATE PROCEDURES
Ensure all your procedures are up to date, communicated clearly to staff and reviewed regularly. This includes how you record and manage consent (where appropriate) and an individual’s rights, subject access requests, your privacy notice, the information you hold on individuals and why you hold it.
4. GOVERNANCE
Organisations employing more than 250 people, or processing more than 5,000 data subjects may need to appoint a Data Protection Officer (DPO), although this doesn’t necessarily have to be a permanent employee. This is to ensure data controllers and processors comply with the GDPR and avoid the risks that organisations face when processing personal data. Your DPO should be a data protection expert who can advise on all aspects of data protection legislation and is able to form a link between the public and the organisation’s employees in relation to processing of personal data.
www.ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/whats-new to find out what’s new and their 12-steps guidance at: https://ico.org.uk/for-organisations/resources-and-support/data-protection-self-assessment/getting-ready-for-the-gdpr
https://goo.gl/4j3k9x
For more information call 01782 664000
or email info@synectics-solutions.comRelated articles:
Synectics, Company news
How can organisations improve their ability to combat fraud? | Synectics Solutions Blog
Saturday, August 29, 2015
Read moreInsurance
New member of SIRA fraud prevention community - Ramasis Ltd
Monday, November 2, 2020
Read moreInterested?
Let us prove how we can help you. Click the button below for more details.
Find out more