Late in the GDPR Game?
You can still do a lot!
Everyone is talking about the fines; we want to discuss data attitude and data process
Everyone is talking about the fines; we want to discuss data attitude and data process
GDPR will affect every business and public body that processes the personal data of EU residents, including individuals on behalf of other businesses. It’s an illusion to have the impression that only IT Departments are responsible for data protection. Departments that are well impacted are the ones that receive, hold or process personal data (HR, Accounting etc). The GDPR will apply from the 25th of May, 2018 to organizations if they: (i) offer goods or services to EU residents; or (ii) monitor the behavior of EU residents (e.g., organizations that offer online businesses). For the most serious violations, privacy regulators will be able to impose penalties of up to €20m or 4% of global revenue (whichever is higher). Organizations will be under greater obligations to provide assurance to their boards, customers and regulators that their data protection processes and procedures are fit for purpose.
What is processing? Any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
And what do we mean by personal data? We mean identification (name, age, residence, occupation, marital status etc.), physical characteristics, education, labor relations, economic situation, electronic traces, interests, activities and habits.
GDPR consulting is a service that relies on business and technical knowledge of data flow and supporting processes. We can:
For more information on how we can work together, download our presentation here or email us in confidence at gdpr@publisto.com.