An introduction to GDPR

16/04/2018
Insights

1. Essentials of GDPR

Since 25 May 2018, all European organisations or those active on European territory must be compliant with the new regulation “on the protection of individuals with regard to the processing of Personal Data and on the free movement of such data”.

The intent of the European Union is to offer its citizens a very high level of protection. If a company fails to respect the regulation, citizens can file a complaint with their Data Protection National Authority.

The GDPR obligations for Personal Data come down to 3 main challenges:

  • To respect the rights of the people concerned: access, correction and deletion rights.
  • To protect the Personal Data against loss, theft or accidental or voluntary misuse.
  • To prove your compliance with regard to consent and purpose justification.

More details can be found in the white paper “5 steps to minimize your GDPR-related efforts”, which you can download on this page.
 

2. GDPR bottlenecks

All organisations – even those active in B2B – face the following facts in their current operations:

  • Not knowing about WHOM they process information
    (it is more than just about employees and contacts)
  • Not knowing WHAT type of Personal Data they process
    (it is more than just HR and CRM data)
  • Not knowing WHERE the Personal Data is stored
    (it is more than just in structured databases)
  • Not knowing WHEN and WHO consults, modifies, transfers, … the Personal Data
  • Not knowing HOW Personal Data is or can be protected in ICT systems and in case of paper storage.

The traditional GDPR implementation approach does NOT answer the above questions.

Depending on extra effort from your co-workers is NO guarantee of your GDPR compliance.

3. Best Practice overview

We at Knowliah would like to share our Best Practice for a simple, quick, partially automated and affordable approach to implementing GDPR compliance without worries.

This paper is intended for all SMEs and other organisations that suffer from the GDPR burden and do not know how to start with GDPR compliance.

As such, this document is a practical approach to balancing effort with the essentials of GDPR compliance.

  • What you should know about GDPR
  • Implementation guidelines for the preparation phase:
    • Administrative documentation
    • Personal Information Identification
    • Legal ground and permission
  • Implementation guidelines for the operational phase:
    • Continuous Personal Information Identification
    • DPO supportive tool
    • Exception handling

 

Want to learn more?

You can find information on the implementation guidelines of the GDPR, such as processing principles, security measures, preparations and operations, and much more, by clicking on the button below.
You can also download our full implementation guide 'A free quick-start guideline for your GDPR implementation' as a PDF document.


GDPR implementation guidelines

 
