For organisations that are serious about transacting within the EU with the intent of using individuals' personal data, the GDPR regulation is an improvement on the current Data Protection Regulation, with the goal of ensuring information security posture and reducing cyber risks. GDPR is a commonly adopted voluntary global standard for information security compliance in the European Union. Providing a consistent benchmark to measure information security best practice across different entities, GDPR engenders a level of trust that can generate real competitive advantage.

With the inevitable GDPR coming into effect on 25th May 2018, here are the article areas that NETconsent covers:

  • Awareness – Identifying areas that may cause issues and putting policies in place for employee education.
  • Consent – Create legally valid proof of employees having seen, understood and agreed to policies.
  • Legal Basis for Processing Personal Data – Identifying the legal basis and documenting it.
  • Subject Access – Disseminate information on a need-to-know basis.
  • Individuals’ rights – Provide up-to-date documentation that can be delivered to the whole organisation.
  • Data Breaches – Communicate important corporate messages direct to users’ desktops.
  • Data Protection Officers – Analyse, track, present and manage policy and risk management information.
  • International – Multi-lingual software covering 12 languages and counting, providing documentation to international employees.

Breaching the new GDPR regulation will cost your organisation, and the articles you have breached will set the level of the fine. The fines are set at up to €20 million or 4% of your global annual turnover, or a lesser fine of €10 million or 2% of your annual worldwide turnover.

About GDPR

Created by the European Parliament, GDPR is intended to strengthen and protect the interests of individuals' data across the European Union. Set to apply on the 25th of May 2018, this regulation must be complied with by any organisation that practises the transaction of personal data within the EU. The drivers behind GDPR are to give people more control over how their personal data is being used, by strengthening data protection legislation and introducing tougher enforcement measures, in the hope of improving trust in the emerging digital economy.

Challenges for GDPR

Challenges concerning GDPR will vary depending on the structure of your organisation. For example, does your organisation have a data protection officer in place? Do you know where all your user data has come from and how it is managed? Challenges such as these need to be addressed before the regulation comes into effect on May 25th 2018.

GDPR Requirements

GDPR requirements include the scope of data which is collected from EU residents, a single set of rules which will apply to all EU states, responsibility and accountability, consent for data, the appointment of a data protection officer, a legal obligation to report data breaches, the right to be forgotten, data portability and privacy by design.