In under four months, Europe’s data protection regulations will undergo the biggest modernization in two decades. The EU’s General Data Protection Regulation (GDPR) is set to be enforced by 25 May 2018 – at which time non-compliant organizations will face heavy fines of up to 4% of their annual turnover.
At present, Gartner predicts that by the end of 2018, more than 50% of companies affected by the GDPR will not be in full compliance with its requirements.
Accountability
Demonstrate compliance by maintaining a record of all data processing activities
_______________________________________________________________
Data Protection Assessment Impact Analysis (DPIA)
Conduct DPIA if the processing activity is likely to result in high risk to the rights of individuals
__________________________________________________________________
Data Security
Keep Personal Data secure through appropriate technical and organizational measures
_______________________________________________________________
Data Breaches
Report data breaches within 72 hours to the regulator
_______________________________________________________________
Data Protection Officer
Appoint Data Protection Officer if processing sensitive data
_______________________________________________________________
Data Transfer
Transfer data outside EU if appropriate safeguards are in place
Key Highlights:
To assess readiness of your firm with GDPR, you can use the below checklists published by Information Commissioner’s Office: