GDPR Compliance

Introduced on the 25th May 2018, the EU General Data Protection Regulation expands the rights of individuals to control how their personal data is collected and processed, and places a range of new obligations on organisations to be more accountable for data protection.
The regulation requires organisations to demonstrate compliance with the following key principles:
- Lawfulness, fairness and transparency
- Purpose limitation
- Data minimisation
- Accuracy
- Storage limitation
- Integrity and confidentiality (Security)
- Accountability
This involves taking a risk-based approach to data protection, ensuring appropriate policies and procedures are in place to deal with the transparency, accountability and individuals’ rights provisions, as well as building a workplace culture of data privacy and security.
The EU ePrivacy Regulation takes on board all definitions of privacy and data that were introduced within the EU GDPR and acts to clarify and enhance the law. It applies to any business that provides any form of online communications service, uses online tracking technologies, or engages in electronic direct marketing.
We can support your business in achieving compliance with any of the following activities:
- Data Mapping and Data Flow Audits
- Data Protection Impact Assessments (DPIA)
- GDPR Awareness
- GDPR Gap Analysis
- Information Security Management Systems (ISMS)
- Personal Information Management System (PIMS)
- Data Privacy Policy and Procedures
For more information on our GDPR Compliance services and to see where we can support you, please get in touch using the contact button below.
We’re all going to have to change how we think about data protection
Elizabeth Denham
UK Information Commissioner