GDPR hoops

Firstly, this is JUST a heads-up for those of you who may need to consider the implementation of the General Data Protection Regulations.

DISCLAIMER: This is by no means a comprehensive guide. You must do your own research and consulting to make sure you are in compliance.

A lawyer told me that GDPR replaces the Data Protection Act. He went on to say that there is a major difference in the nature of the new regulation. The old DPA sought to regulate the way data is stored, and how it’s accessed, processed and so on. GDPR sets out further to ensure that data is handled capably by all those with access to it, attending to its security, controlled access, accuracy and so on.

Data ‘holders’, to give them a name, must demonstrate their accountability. They must show that processes are in place and implemented. Organisations may be subject to an audit of their procedures in terms of their GDPR compliance. Note, this is BEFORE any breach of data, or its use, or misuse, has occurred.

As either a ‘Data Controller’ or ‘Data Processor’, you have responsibilities governing what you do with data in your possession. There are aspects to holding data under the GDPR:

Transparency – You must reveal data you hold on a subject, to that subject
Consent – You must have the data subject’s permission to hold that data, and consent to send emails, or text messages, for example
Accuracy – Any data you hold must be correct, to the best of your knowledge
Deletion –...