Last year, European Union (EU) announced the General Data Protection Regulation (GDPR). Their previous policy was made in the 1990s. The regulation doesn’t only affect the EU but all countries that may touch their data. If your organization handles any form of data, you should be prepping for GDPR. The policy goes into effect officially on May 25, 2018. Is your organization ready for the implementation of GDPR? Here are five steps that you should take to prepare for GDPR:
1) Educate Your Staff
Your staff needs to be made aware of GDPR. According to the EU’s GDPR website, it was designed to harmonize data privacy laws across Europe, to protect and empower all EU citizens’ data privacy and to reshape the way organizations across the region approach data privacy. Anyone in your organization who handles personal data will need to be informed about the regulation. Informing you’re staff prepares them for upcoming changes that your organization may face due to the law.
2) Review Your Current Policies
What are your current policies? Do these policies abide by the new regulations? If not, they need to be revised to meet the GDPR standards.
3) Identify Key Partners/ Vendors
Don’t be guilty by association. Make sure the companies you work with are also following the GDPR polices. Connect with your partners and vendors including CRM, public cloud services, and other SAAS that share personal data. If your partners are not following the GDPR, then you need to look for new partners.
4) Create a Road Map
Now that you identified the problems in your current policies you need to correct them. Create a road map to list all the issues with a timeline. The timeline will ensure you make the changes before May 25th. Fines for not complying with the regulation can cost up to 20 million pounds.
5) Update Your Policies
If your process and policies do not align with GDPR update it company-wide. Revising your organization’s policies will help improve your overall security and privacy.
Remember to make sure your ITAD partner is following the GDPR. Liquid Technology is up to date with GDPR. We are also proud to have R2 and eStewards certifications. To learn more about our safe and secure data destruction services click here.