GDPR Compliance

Despite the deadline for GDPR passing, compliance is always ongoing. In this new GDPR world, there is still much uncertainty about some of the technicalities of the regulation, and many organisations are still not fully compliant. Whilst there may be some initial leniency from regulators in the early stages of legislation, breaching GDPR could still result in fines of €20 million or 4% of annual turnover, whichever is greater.

"Keep on top of the most radical change to data regulation in a generation"

Kindus provides support and advice throughout the migration to GDPR compliance. This runs from a gap analysis, which identifies areas for attention, through to data security provision, advice and staff training. Here are some of the main steps needed to become GDPR-compliant:

  • Awareness – Ensure all staff are aware of the requirements of GDPR and how it will affect their working practices.
  • Privacy – Review your existing data privacy procedures and ensure they will meet the new GDPR standards.
  • Right to be forgotten – Consider how you will identify and delete personal data when requested.
  • Access requests – How will individuals’ data access requests be handled within the GDPR legislation time frame?
  • Consent – Has this been granted, and are existing procedures robust enough for GDPR?
  • Data loss – Ensure that appropriate measures are in place to protect personal data.
  • Privacy by design – New procedures for data gathering will need to ensure that personal data is protected as it is gathered.
  • Data controller – Someone must be appointed to oversee and take charge of the new data protection procedures.

For more information on GDPR, please read our blog post on the ways organisations are responding to the demands of the regulation.

The aftermath of GDPR

The dust has now settled on the much-anticipated implementation date of GDPR – 25 May 2018. For the first time, GDPR has started to enter wider public consciousness. The notorious tsunami of emails that most people have received, requesting consent for marketing content and data processing, has made the regulation hard to forget. But now that the deadline has passed, how many organisations are actually fully compliant with GDPR? How will some of the more ambiguous elements of GDPR actually work in practice? Will regulators immediately and harshly clamp down on non-compliant organisations? These are some of the questions that this article will focus on.
