The General Data Protection Regulation (GDPR) is an EU legal requirement. The UK Data Protection Act (2018) incorporates the GDPR into UK law.
Personal data for individuals shall be processed lawfully, fairly, and in a transparent manner.
People need to be told what personal data is being collected and for what purpose.
Personal data shall be collected for specified, explicit, and legitimate purposes. It shall not be used for any other reasons that conflict with these purposes.
Personal data shall only be kept and processed for as long as it is required for that purpose and for no longer than that.
A Data Protection Officer (DPO) is required if you process large amounts of sensitive personal data or systematically monitor Data Subjects on a large scale.
Personal data must be kept up-to-date and accurate.
People have the right to receive a copy of their data, or can request that their personal data no longer be used. In some cases, they can have it erased entirely.
Organizations must implement appropriate security measures to protect personal data against accidental or unlawful destruction, loss, alteration, or disclosure.
In addition, organizations need to ensure all staff members who handle personal data are properly trained in how to secure and protect that data.
OUR GUIDE TO THE DPO DECISION
A Guide to GDPR Compliance for Your Website
It’s only a few months until the General Data Protection Regulation (GDPR) comes into force, with May 2018 almost upon us. The new regulation created by the European Commission aims to standardize data protection procedures. Companies will be required to comply with measures regarding the data they hold and how it’s managed.
Data protection goes beyond being a legal necessity; it is also an important step in creating trust with your stakeholders, customers, clients and associates. It's a process that requires transparency from your organisation and its practices. There are several steps you need to take now in order to make sure you’re compliant with the new regulations, and we’ve presented a guide below to make sure you’re following best practices for your company's gateway, i.e. its website:
For more guidance materials or tailored advice on GDPR & UKDP from subject matter experts, reach out to Securestorm here. We specialise in a range of Data Protection as a Service offerings, including GDPR Assessments, GDPR Planning & Management, DPO Services, Data Protection Impact Assessments and Privacy Management Services, to name a few.