As you’ve probably heard, on May 25, 2018, a European privacy law, the General Data Protection Regulation (GDPR), is due to take effect. The GDPR imposes new rules on companies, government agencies, non-profits, and other organizations that offer goods and services to people in the European Union (EU), or that collect and analyze data tied to EU residents. The GDPR applies no matter where you are located.
WHAT DOES IT MEAN FOR YOUR COMPANY?
There are a few things that GDPR will change:
- Personal privacy rights: Individuals will have the right to access their personal data, correct errors in their personal data, erase their personal data, object to the processing of their personal data, or export their personal data.
- Added controls and notifications: Organizations will be required to protect personal data using appropriate security measures, notify authorities of personal data breaches, obtain appropriate consents for processing data, and keep records detailing data processing.
- Transparent policies: Organizations must provide clear notice of data collection, outline processing purposes and use cases, and define data retention and deletion policies.
- IT and training requirements: Organizations will need to train privacy personnel and employees, audit and update data policies, employ a Data Protection Officer (if required), and create and manage compliant vendor contracts.
In short, GDPR demands stricter controls on where personal data is stored and how it is used. The bring better data governance tools for improved transparency, recordkeeping, and reporting. Finally, it will improve data policies to give data subjects greater control and to ensure lawful processing.
WHAT CAN YOU DO TO PREPARE?
Preparing for the GDPR is a business-wide challenge that will take time, tools, processes, and expertise. Preparations may require significant changes to how you conduct your business and to customers' privacy and data management practices. The requirements are complicated and each organization’s path to readiness will be unique, so don’t wait until May to begin preparing.
We’re here to help. Our team of data and technical experts can assess your readiness and help you determine the best path forward to ensure you can continue to serve your customers.
Contact BroadPoint today for more information and to assess your readiness.