gdpr compliance

  •  

     Binding Corporate Rules

    In order to reflect the requirements of GDPR, the Article 29 Working Party (WP29) has published the following updated guidelines on Binding Corporate Rules (BCRs):

    •  Working Document setting up a table with the elements and principles to be found in Binding Corporate Rules (WP 256)
    • Working Document setting up a table with the elements and principles to be found in Processor Binding Corporate Rules (WP 257)

    The tables have been amended to meet the requirements of Article 47 GDPR, in order to clarify the necessary content of BCR's and make the distinction between what must be included in BCR's to be presented to the competent supervisory authority in the BCRs application. The amendments will also effect corresponding the principles with the Article 47 text references for controller BCR's, as well as providing further guidance on each of the requirements.

  • GDPR complaint document handling

    Document management solutions provide:

    • structured organisation and control of documents
    • enable search
    • provide document security, audit, versioning
    • capability to manage retention

    What they are not necessarily capable of is identifying and separating personally identifiable information (PII) from everything else in each document.  

  • GDPR compliance

    According to recent survey, 17 out of 24 regulatory authorities were unprepared for the General Data Protection Regulation (GDPR), when it was introduced on 25 May 2018.

    Regardless of these statistics, organisations cannot afford to become complacent, as all businesses are at risk of data breaches. Therefore, GDPR compliance must be continually enforced.

  • Marketing data prior to 25th May 2018

    Imagine the scenario: you hold marketing data, collected from lead generation firms, meetings, seminars etc maintained as a contacts database for marketing purposes. You have already contacted some of the people on this database, but others you have not.

    In order to comply with the GDPR requirements you need to know:

    How is this affected by GDPR?

    Do you need contact all the earlier contacts to get consent?

    Can this be deemed legitimate business use?

  • Subject Access Request outside of the EU

    On some occasions, an EU subject may require a Subject Access Request (SAR) which involves a transaction outside of the EU. Therefore, data processors must be aware that a data controller outside of the EU will not necessarily give up any or many obligations to the General Data Protection Regulation (GDPR).

    So, the question is whether data processors need to address the Subject Access Request without the controller or not?

  •  Technical Initiatives to stay privacy safe

    Data protection is a term to over-arch the mitigation against failures in protection (confidentiality), accuracy (integrity) and access (availability) that can cause an impact to data subjects and ultimately, your business. Compliance is about the governance of the GDPR, and non-technical measures to adopt and adapt.

     Risk-assessments enable the decision-makers consider everything from contractors leaving with passwords and insider-knowledge and lead to changes in technology, anonymisation of databases, deletion of old, unnecessary records, role-based access to customer data and so on. 

    But what about technical support and access to customer data, particularly when required on a large-scale? What measures are available to manage, minimize and control this?

  •  

    Top ten GDPR priorities

    1. Manage expectations - GDPR ‘compliance’ is a matter of constant review, adoption of policies and adaption of processes. Plan, develop and sustain.

     

    2. Continued awareness and training for staff.

     

    3. Update your privacy policy, consent capture and recording.

Make a free enquiry, call now

0151 659 1070




Please let us know your name.



Please enter a valid telephone number



Please let us know your email address.



Please let us know your message.

Please tick the box below

Invalid Input

Invalid Input
I understand that by submitting my query to you, my personal data (name, email address and contact number) will be processed by you in order to contact me and assist me with my query. I confirm I have read and understood the Privacy Notice and I consent to you processing my data for the purpose of contacting me to assist me with my query.




How can we help you?

To find how our friendly and knowledgeable solicitors can help you, contact us today.

Make a free enquiry - Call now - 0151 659 1070