GDPR – these four letters are the cause of constant headaches, nail biting and sleepless nights for many employees. Due to become enforceable in just under five months, the General Data Protection Regulation appears to be a hot topic for office chatter. One question is constantly being raised: is your company ready?
Let’s cut to the chase; if you haven’t started preparing for this new regulation, then here’s where to begin.
Check your knowledge
If you’re still unsure about what changes this new data protection regulation includes and how it affects data handling in your company, it’s about time you read the facts. Research the changes, learn the important information that will likely affect how your company works, and speak to your colleagues.
For a summary of the changes taking place, visit the official GDPR website.
Review your current data handling protocols
Once you’ve done the research, review how these changes may affect how your company currently handles and protects data. If your organisation is already following good data protection practices or applying privacy by default, these new guidelines will cause little change. Elsewhere though, the GDPR will drastically affect the ways in which companies store and use data. It is likely to encourage refinement of data handling and retention processes, more explicit and granular consent, and shift the prerogative of ownership to the data subject.
Ensure it’s taken seriously
Colleagues and employees alike are exasperated by the constant reminders and conflicting advice about this new data protection regulation. But it’s important that the consequences are taken seriously. If one employee in your company doesn’t comply with the new changes, it affects everyone. Yes, the rumours are true: the fines are astronomical and, in some cases, enough to bankrupt a company. So gentle nudges can’t go amiss.
We’ve said it before and we’ll say it again: the unfortunate truth is that data breaches will happen. It’s not really a case of if, but when. If your company or organisation is the victim of a cyber attack, it’s how the issue is handled post-breach which really makes a difference. Under GDPR, breach notification will become mandatory – data processors will be required to notify their customers, the controllers, after first becoming aware of a data breach. So be prepared and have a protocol in place for dealing with data breaches.
It’s an ache in our back and a pain in our side, but we must remember it’s less than five months until the legislation is in place. With GDPR just around the corner, it is important to be prepared. The best cure is prevention, so in order to avoid penalties, the importance of these changes needs to be taken seriously.