Friday 25th May. The GDPR compliance date has
Over the last year or more, companies all over the EU
have been preparing for this date. From our own experience, we know that the
preparation itself has been intense!
The GDPR Spring
The first and most important phase which has been
ongoing, is the preparation for the 25th May. This will vary from
business to business but in most cases has involved:
A company wide data audit – what/where/when/why/how
– putting all data through its paces, so that anything existing is compliant
Creating transparency in processes – new policies
and agreements in place so that subjects and controllers are aware of how their
data is used
Training – all important. Employees are aware of
what they need to do.
Some of these tasks have been very time consuming, and
for many there is big sigh of relief that the 25th May is here and
everything is done. Or is it?
The reality is that this date is simply a start date. It
is true that there was vast amount of preparation which needed to go into GDPR
compliance for each company, but now comes the second phase. Staying compliant.
The GDPR is an absolutely necessary adjustment in data
protection laws, to protect personal data in our evolving technological world.
It is designed to ensure that all businesses have a privacy by design approach.
Essentially this means that data protection comes first and foremost, in every
business activity, and this means ongoing work.
Keeping track of your data is absolutely essential and
will not only reduce the risk of attracting hefty fines for non-compliance, but
will also create a measure of trust between you and your clients, and suppliers.
Their data is well managed and safe in your hands.
As with a lot of GDPR subjects, this is easier said than
done! But as software providers, we realised that there could be a much easier
way to manage data and keep accurate records, which would make GDPR compliance
i-Comply-GDPR does exactly what it says on the tin! You
will have peace of mind, knowing that your GDPR compliance is managed, and
without the huge price tag of a specialist consultant.
Data asset register, so you know what type of
data you hold and where it is.
Reminders and tasks to keep you on track with
Ticketing system to manage everything including
subject access requests.
A full audit trail just in case you need it.
for more information.