GDPR enforcement date: 25th of May 2018
The EU data protection reform was adopted by the EU Parliament and the EU Council on April 27th, 2016. The resulting European Data Protection Regulation is applicable as of 25th of May 2018, replacing the Data Protection Directive.
GDPR Penalties and Fines
Organizations that do not follow the rules risk heavy fines for non-compliance of up to €20 million, or 4% of the organization's global yearly turnover, whichever is higher.
Here is the GDPR checklist: 5 things you need to do
Introduce the requirements of GDPR to the stakeholders in the organization. Train your employees in cybersecurity, and introduce them to the principles of privacy by default and privacy by design. If you have more than 25 employees, assign a DPO (Data Protection Officer) to train your employees.
Make sure you have a record of all your data: where it lives, who accesses it, and on what devices. You need to identify where personal data is processed, including by third-party processors. Update your current privacy policies and document the grounds for lawful processing.
Make sure that the third-party or service-partner services embedded in your websites, and your software-as-a-service providers, are compliant with GDPR or operate under an officially sanctioned data jurisdiction. Analyze and review their international data flows for mapping.
Implement methods for seeking, obtaining and recording consent to ensure compliance. Keep a record of what each data subject consented to, and provide multiple options for the data subject to change or revoke that consent.
Put in place procedures that enable your organization to respond to data subject rights, such as data access, erasure, and rectification. Document how these rights will be exercised in both customer and employee contexts.
VulnOS, the GDPR Unified Automation Platform, helps all types of business, whether small, medium or large. VulnOS helps you connect your current tech setup, guides you on data sources, and helps you step by step through the GDPR compliance process. Contact a VulnOS consultant for more detail.