GoBuyside Understands Data Subject Rights Under the GDPR

One of Northern Ireland's top judges will give a rare level of judicial insight into the EU General Data Protection Regulation (GDPR) at a seminar hosted by Carson McDowell tomorrow. But what is GDPR?

The compliance deadline is also imminent - 25th May 2018. Aware that numerous EU nations were setting varying data protection standards, the European Commission made a decision to standardize and streamline the protection of data for its citizens. Back in August 2016, WhatsApp said that it would be sharing the data of users with its parent company Facebook, which created a lot of buzz on the web. Eventually most companies will need to abide by the new data protection standards, so don't put off getting in the know on what your organization needs to do to be compliant.

"If it is simply for knowing who is in the building at a given time, then the main points to make are data privacy". Many believe this also transfers the responsibility for security and data protection.

Those who do not comply with GDPR and do not make the appropriate changes in time for its implementation will suffer from intense fines.

Completing an impact assessment: assessing the current level of compliance, documentation & compliance processing and undertaking a gap analysis. This originated from an early draft of the GDPR which suggested "large scale" data processing was based on the aforementioned figures. Similarly, the goal of the GDPR is to shield European Union citizens from privacy and data breaches in a progressively data-driven environment that has drastically evolved since the 1995 directive was created. Presently, controllers are required to notify local data processing authorities of data processing activities. An email provider that offers security, such as the ability to block sending certain files or information outside of the business, add peace of mind to businesses; whilst cyber-attacks are on the rise and hit the headlines daily, accidental disclosure accounts for 44% of data leaks (Verizon). Educational establishments will have to prove that they are working with a credible organisation when it comes to the disposal of data. Forty-two per cent of the respondents indicated they do not have procedures and internal processes to handle personal data. Information audits will need to be taken out by educational establishments.

Organizations need to get out in front of new data protection legislation like GDPR, giving special consideration to communications technology.

Question how to dispose of data that isn't needed and safeguard the information that's relevant. These are in scope, but so are other systems like voice, IVR, chatbots, team collaboration systems, messaging apps, social media, and networks that these systems operate - any place personal data is collected, stored, or transmitted. It's vital to continuously review the methods you have in place within an education sector when dealing with data and become more knowledgeable about the subject. All staff handling data should be aware of these procedures, appointing a data protection officer could be a worthwhile investment.

2020 Vision, a supplier of efficient access control systems, researched and provided the information for this article.