5 TIPS: GDPR Compliance Requirements


Got tons of data? How can you make sure you won't be fined 20 million euros? Check these 5 tips for GDPR compliance requirements!

GDPR Law And Your Data

On May 25th, 2018, a new law went into effect. It is all about how we store and use data. You surely deal with a lot of it: data about your employees, your clients, or your suppliers. This law affects how we take care of the data we hold.

Data could be anything that identifies a person. This is often called PII, or ‘Personally Identifiable Information’. It includes a person’s name, SSS number, contact numbers, or email address.

How serious is this? You could be fined 20 million euros! You surely need to comply!

How can you make sure you are putting this new law into effect? Check these 5 tips to help you with GDPR compliance requirements.

5 Tips To Help You With Compliance

1. Organize Whatever Data You May Have

Whatever data you may have, store it in an organized manner. This is helpful for two reasons.

First, someone may ask you for their data. It is then your responsibility to provide it as soon as possible, and you need to ensure that what you provide is accurate and complete.

Second, regulators may conduct a GDPR investigation. When this happens, having organized data helps you demonstrate compliance, because it shows them that you know what data you hold.

Thus, being organized with your data helps a lot, both in dealing with your data subjects and in dealing with the GDPR.

2. Ensure Safety To Your Data

What safety measures do you implement to make sure your data is secure? If it is stored online, are you sure it is safe from hacks and leakage? Do you have anti-virus software? What if a device holding that data is lost? Can you remotely erase the data to prevent access?

Also consider data you hold offline. Do you have safe, even fireproof, storage for it? You should make sure it is only accessible to authorized persons.

Above all, record these safety measures in your risk assessment. This informs each member of your team of what is in place. In addition, it prepares you should an investigation occur. These steps show your compliance with, and regard for, the law.

3. Do Not Keep Unnecessary Data

If you hold data, always be clear about your intentions for it. You cannot keep storing data merely for possible future purposes.

4. Be Clear With How You Process The Data

When you receive data, you should be clear about how you are using it. Have a clear written processing policy. Moreover, the GDPR sets requirements on how this is done: the policy should be written in simple, layman’s terms, and the person providing their data should know why they are providing it.

5. Have A Process In Giving Back Data

The GDPR requires you to provide personal data back to its owner whenever the owner asks for it. Do you have a clear process ready? This is important to ensure that you can easily provide the data back, in a systematic manner, and as soon as possible.
