Together with the Directive on the Processing of Personal Data for the Purpose of Crime Prevention, the GDPR represents the most ambitious and comprehensive set of changes to data protection rules in the last 20 years. The introduction of new rights for individuals, such as the Right to be Forgotten and the Right to Portability, together with the introduction of mandatory breach notification, is likely to increase the regulatory burden for organisations. Businesses need to review their current data protection compliance programmes to determine the appropriate next steps and decide on the level of investment they need to make over the next two years to address the changes.
Regardless of the UK’s status within the European Union, if your business offers goods or services to any citizens of a member state, you will need to comply with GDPR legislation.
To comply with the new EU GDPR, organisations will need to have a clear understanding of their current compliance position. An important first step will be for organisations to have clarity on their personal data processing, including:
• What personal data they process
• Where it is across their organisation
• Where it is transferred from and to (including to third parties and cross-border)
• How it is secured throughout its lifecycle
• GDPR Quickstart Assessment Workshop to establish key GDPR gaps
• GDPR Executive Briefing – GDPR awareness and risks
• Privacy Impact Assessment – Assessments of privacy risk across new systems or projects
• Training for new Data Protection Officers
For more information on how Northdoor can help you achieve GDPR compliance rapidly, efficiently and at low cost, contact us for an assessment.