Organisations need to become compliant with the General Data Protection Regulation (GDPR) by 25 May 2018. Here are 7 top-level changes that will directly affect how you handle data:
- Even if your business is not in the EU, you will still have to comply with the Regulation if you handle personal data of EU residents.
- The definition of personal data is now broader, encompassing factors such as an individual’s mental, economic, cultural and social identity.
- You must obtain clear and affirmative consent to the processing of personal data, and consent will be necessary to process children’s data.
- A data protection officer (DPO) will be mandatory for certain companies.
- You must perform a data protection impact assessment before undertaking higher-risk data processing activities.
- You will have 72 hours to report a data breach.
- Data subjects have the ‘right to be forgotten’.
Must-have GDPR implementation guidance
New to the market, EU General Data Protection Regulation (GDPR) – An Implementation and Compliance Guide details exactly what you need to do to comply with the GDPR. It covers:
- the GDPR in terms you can understand;
- how to set out the obligations of data controllers and processors;
- what to do with international data transfers;
- understanding data subjects’ rights and consent;
- and much more.
Open your eyes to what’s coming
Help your organisation comply with the GDPR using the EU General Data Protection Regulation (GDPR) Documentation Toolkit.
It contains all the critical documents your organisation will need, including project documents covering data protection policy, DPO requirements, privacy impact assessments, incident response and breach reporting.
“I found the templates and guidance documents very useful. Really opened my eyes to what’s coming. Thank you.”