The General Data Protection Regulation (GDPR) will apply from 25th May 2018 to all organisations that process European residents’ personal data. Under GDPR, businesses that fail to comply with the Regulation and suffer a data breach could face fines of up to €20 million or 4% of global revenues – whichever is greater.

Make sure your company is protected

Key Steps to take towards Compliance

• Website Compliance (privacy and cookie statements and cookie banner)

• Train your staff

• Make a list of all personal data that you hold by looking at your processes

• Assign lawful basis to personal data

• Data Processor contracts

• Create Policies and Procedures

• Implement Breach notification procedure

• Ensure your organisation can comply with any Data subject requests.

• Encrypt Laptops

• Be able to wipe lost mobile phones remotely

• Use passwords on documents containing sensitive data - Build passwords that are strong. Use eight characters with one upper and one lower case, a special character like as asterisk and a number. The more random the better.

Source of further information

Data Protection Commissioner - www.dataprotection.ie

http://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELEX:52012PC0011&rid=2

Disclaimer

This blog is intended purely for guidance and does not constitute legal advice or legal analysis. This guide is intended as a starting point only giving you general information and a general understanding of the subject and not to provide specific GDPR advice. This information should not be used as a substitute for competent advice from a GDPR Expert.