With only 6 weeks to go before the GDPR regulations come into force ie on the 25th May 2018, how do companies set about meeting their obligations as employers, suppliers and clients?
Here in Ireland, we have been managing data already through the current EU Data Protection Directive, but yet very few companies understand the GDPR requirements or even if they are data processors or data controllers.
With so much in the news about personal data and data breaches globally in the last few weeks, this question is one all companies are asking themselves. But how do companies know if it will affect them, and what it is they need to do to ensure they are compliant with the regulations?
In summary, here are the six “How”principles of GDPR (Article 5) setting out how personal data shall be processed:
- Lawfulness, fairness and transparency
- Purpose limitation
- Data minimisation
- Storage limitation
- Integrity and confidentiality
And the six legal bases for processing data (Article 6) which means businesses must have a lawful reason for processing personal data. So to process the data you need to meet one or more of the following legal bases:
- For the performance of a contract
- Compliance with a legal obligation
- Vital interests
- Public interest
- Legitimate interests, unless this overrides the individual’s rights and interests
We understand that this is challenging, and the specifics of the new regulations are not easy to get to grips with. At Voltedge Management we have developed a GDPR team, pooling HR expertise, GDPR expertise and Project Management expertise, and have designed a Project Management GDPR Model for employers. We are now in a position to lead out your GDPR Compliance project, identifying clear comprehensive steps and milestones you need to take in order to becoming GDPR compliant.
Give us a call on 01 5252914 or email us on email@example.com and we’d be delighted to talk to you about how we can help you on your GDPR journey.