In May 2018, the GDPR (General Data Protection Regulation) changes will be coming into force. The intent of GDPR is to bring together and update existing data protection regulations within the EU, ensuring they reflect how companies now engage with data.
Whether you’re a candidate, a recruiter or a business here are the 3 things you must know about the GDPR introduction in May 2018:
1. Who is it for?
The new GDPR rules apply to all businesses, inside and outside the EU, who offer goods and services to individuals in the EU. These companies will have to keep full records of all personal data processed, including the type of data and what it is used for. Privacy audits will be done to check if companies are compliant.
2. How do I obtain consent?
Here’s what the new GDPR rules say:
Consent to the processing of personal data must be freely given, specific, informed, unambiguous and displayed by a statement or by a clear affirmative action.
In other words, when people fill in a web form it should clearly mention why the personal data is being taken, what the company is going to do with it and how people can withdraw it.
Also, if clients withdraw their consent, all the data held about them has to be deleted. And in case of a personal data security breach, clients have to be informed if their data has been hacked or stolen.
3. How do I prepare for it?
With May’s deadline fast approaching, you can’t start early enough to prepare for the introduction of the GDPR. You start by taking stock of what you need to do to make sure your current data is compliant.
Identify where you capture customer data, what systems you use to store this and how these systems need to be upgraded to be compliant. New GDPR legislation means you’ll be required to maintain records of how you process all information within your company.
Finally, you are going to need to set up procedures for how to deal with a data breach. A data breach means customers could suffer damage in the form of identity theft or a confidentiality breach.
ABCV Solutions are taking the GDPR introduction extremely seriously. Complying with any regulations on data protection and privacy is key to the integrity of our business.
We are currently undertaking an internal data audit and based on the findings we will update our systems and policies accordingly. We will develop guidelines on how we store client information and what rights clients have to access and delete their data.
We will keep you up to date on the progress we’re making in preparing for the GDPR introduction.
If you have any questions, please don’t hesitate to contact us at firstname.lastname@example.org