How To Take The Lead On Applying The New GDPR Regulations

Especially within your organization.

Mary E. Henningsen
Aimee's Blog
3 min read · Apr 24, 2018


Data Privacy. Data Security. Facebook. Mark Zuckerberg grilled by the US Congress. GDPR. What is all that about?

These days, it seems like there is too much to think about in terms of managing and protecting your data privacy and security. As both professional and personal users, we browse the World Wide Web at our own risk. How many times have we just clicked “I agree” or “OK” without even reading the Terms of Service or Privacy Agreement? Well, things are about to get even more complicated, maybe a little annoying, and downright scary!

If you haven’t heard about the General Data Protection Regulation (GDPR) law ratified by the European Union in April 2016, it’s all you are going to be hearing about from now until the May 25, 2018 compliance deadline. This new European law establishes one single set of data protection rules across Europe. But wait, you might be thinking, “I’m not in Europe!” It doesn’t matter. All organizations outside of the EU that wish to interact or transact with any EU citizen or EU organization will be subject to this regulation whether they like it or not.

GDPR is designed to give individual users better control over their personal data that is collected and stored by any organization. It pertains to protecting the personal data of individuals, directly or indirectly, whether they are accessing public, private or employer-sponsored online channels.

GDPR regulations will require implementing specific protocols for handling and processing personal data. This includes data security, data usage and record keeping, consent acquisition, management and tracking, breach notifications and reporting, privacy impact assessment, data subject rights, and cross-border data transfers.

So, what can you do now to take leadership within your organization to deal with the new GDPR regulations?

1. Get educated. Here is a GDPR for Dummies Slide Share where you can learn some very basic information about GDPR. Click the following for the UK’s Guide to the General Data Protection Regulation, where you can find a Data Protection Self-Assessment Tool and a document outlining the GDPR: 12 Steps to take now. There is also a helpful FAQ on the EUGDPR.org website.

2. Conduct an organizational self-assessment. Get your IT team on board sooner rather than later! (See the link to the self-assessment toolkit above.)

3. Designate resources (human/financial/technical) to this issue. This might mean short-term resources such as creating a project team, or allocating long-term resources such as appointing a Data Protection Officer. It depends on the size of your organization and how exposed you determine your organization may be in terms of needed compliance with the new GDPR regulations.

Take action today! This is an extremely important issue facing all organizations or schools using digital technology to reach and communicate with clients, customers, and students inside the EU. For the Aimee team, this is one of our top priorities, and we’re taking the lead in ensuring all GDPR regulations are being implemented. If you have any questions or concerns, please feel free to contact us by sending an email to marketing@aimee.bio.
