ABOUT COOKIES ON THIS SITE

We use cookies to personalize content and ads, to provide social media features and to analyse our traffic. We also share information about your use of our site with our social media, advertising and analytics partners.

Cookie policy
Cookie Settings Accept Cookies
Content
Keep a detailed record of all processing activities Accountability and transparency are key Data Protection Officers Data breach notification Compliance must be demonstrated, let's embrace it!

Adieu, Big Brother. Here are the new privacy rules:

May 22, 2017
Privacy remains a hot topic. Are there any boundaries to our privacy in an era where social media rules? How should we handle the personal data provided by employees, customers or suppliers? Can we freely ask our customers to provide their data for marketing purposes? Are your employees entitled to request your HR department for a deletion of some personal data?

The new General Data Protection Regulation (GDPR) answers all of these questions.
Keep a detailed record of all processing activities Accountability and transparency are key Data Protection Officers Data breach notification Compliance must be demonstrated, let's embrace it!
GDPR, which will come directly into effect in all EU member states on May 25, 2018 and obliges companies to safeguard the privacy of data subjects.

As the new regulation will affect all organizations that handle personal data, we need to ask ourselves why this regulation is so important and how companies can get properly prepared for it. It will be key to prepare sufficiently since GDPR introduces high sanctions for non-compliance, including revenue based fines of up to 4% of annual worldwide turnover or €20 million in cash, whichever is higher.

Which substantial changes are coming our way?

Keep a detailed record of all processing activities

Companies will have to keep records of personal data processing (under article 30, GDPR). Such records state what types of data are recorded, with whom this is shared and which safety precautions have been taken to protect this data.

Accountability and transparency are key

GDPR requires companies to demonstrate more transparency and to respect the increased rights of data subjects such as the right to be forgotten, the right to data portability, the right to rectify, the right to object and the right to restriction of processing.

Consequently, policies, contracts and supply chains will need to be reviewed and realigned as much as possible, in order to be in accordance with the GDPR before it comes into effect.

Data Protection Officers

The GDPR obliges private companies whose core activities consist of processing operations that require regular, large-scale and systematic monitoring of data subjects to appoint a ‘Data Protection Officer (DPO)’.

Article 39(1)(b) of the GDPR entrusts DPOs, among other duties, with the duty to monitor compliance with the GDPR. Recital 97 further specifies that the DPO ‘should assist the controller or the processor to monitor internal compliance with this Regulation.

If you process data on a small scale, it is still key that HR, IT, Risk and Legal are well aware of the new regulation in order to secure the internal data flows and data processing activities so that they follow the GDPR requirements.

Data breach notification

One of the most significant changes that is introduced by GDPR is the requirement to notify data breaches to supervisory authorities and the affected individual no later than 72 hours after discovering it.

Compliance must be demonstrated, let's embrace it!

As with so much of GDPR, being able to demonstrate that the appropriate measures were undertaken will be key. That’s why GDPR compliance can be considered an ongoing process that will require the support of a multidisciplinary team (in-house or via consultancy).
Author: Florence Leterme. You can follow Florence on Twitter or connect with her on LinkedIn.

 

Preparing for GDPR made easier: watch our webinar
Related Content
What is delaware PH's new normal?
We miss all of you, clients and partners! Like you, we are raring to go back on track with our digital transformation projects, especially now when customer and employee touchpoints and operations have to be online.
Finance
Employee Experience
IT
Operations
Read more
Issues of Cost Management that Can be Solved with SAP S/4 HANA
Many companies are struggling with cost management. Keeping watch of funds and costs is time-consuming. You can also run into inaccuracies and natural human errors, all of which are natural occurrences. There is a cost management solution out there that you can use. That’s SAP S/4 HANA. But first, it’s important to identify the challenges you currently face before shifting to this platform. Curious? Scroll down to learn more.
Finance
SAP
Professional Services
Read more
Food and Beverage Compliance Made Easy with SAP
Food safety is a scientific discipline that’s concerned with the handling, preparation, and storage of food to prevent foodborne illnesses. A sap consultant in the Philippines can assist you in managing your food and beverage compliance with the unique capabilities of SAP.
Operations
SAP
Food
Read more
Food Processing with SAP
Storing your digital data using cloud service providers in the Philippines can help keep all your records safe. This is essential, especially if you’re in the food processing industry. If the capabilities of cloud service and SAP are combined, you can create a fast database to keep track of important changes in your business.
Operations
SAP
Food
Read more