Thursday, 24 March 2016

Personal Data Risk Assessments


With increased rights for data subjects and heavy fines for businesses, we have set out simple guidelines that businesses should be considering now in preparation for the new General Data Protection Regulation (“Regulation”), which will be in force in 2016. These include the following:
Determine whether your organisation is subject to the proposed Regulation by assessing whether business is carried out with European customers or customers outside of Europe.
Carry out an audit of the data held by your organisation:
  • What data do you have?
  • Why do you have it?
  • How long have you held the data?
  • How do you use that data?
Ensure contracts with data processors are thoroughly reviewed, for example to determine where cloud data is hosted, how it is backed up and how it is encrypted.
Carry out a gap analysis of the systems and processes you currently have in place: consider what else will need to be implemented to demonstrate your compliance with the new Regulation.
Once you have carried out the analysis above, implement systems and procedures to ensure compliance with data protection laws. This may involve putting policies and procedures in place to handle issues that arise (such as what staff should do in the event of a complaint, data breach or subject access request).
Review your company's processes for how customer consent to marketing is obtained and recorded within your organisation.

Contact Details:
Nath Solicitors Limited
4/4a Bloomsbury Square,
London, WC1A 2RP
Tel: 02076816073
Mob: 07545813894
Email: shubha@nathsolicitors.co.uk
Web: http://www.nathsolicitors.co.uk/
