How many businesses can efficiently handle a request from consumers where they have to show the data that’s held about them, where it’s held, who stored it, who looked at it, who changed it, if it was shared – when, by whom, with whom?
EU citizens are being given world leading digital rights from May 2018 that will have profound implications for businesses in Ireland AND the UK.
Under the GDPR directive, consumers have to consent to the use of their data. They can withdraw that consent or request to see the data that companies have on them.
Every business – big and small will have to demonstrate that they have data workflows and controls in place that comply with GDPR.
Non compliance is not an option; breaches are being given three days to be fixed or come with fines of 4% of annual turnover.
As businesses owners and managers we need to start making preparations for the introduction of the GDPR. It’s time to start thinking – and acting – long and hard about how we manage consumer and personal data.
Compliance may not be as complex as it first seems. Some changes we can make to our data management process can be speedy and procedural. But we need to find out. Conducting a gap analysis to assess any privacy risks associated with business processes and activities is a good first step. Only from a place of self-awareness can businesses review processes and practices for seeking compliance.
Source: Business Achievers