{"id":4452,"date":"2018-02-09T05:42:42","date_gmt":"2018-02-09T00:12:42","guid":{"rendered":"https:\/\/qadit.com\/blog\/?p=4452"},"modified":"2018-02-09T05:42:42","modified_gmt":"2018-02-09T00:12:42","slug":"7-steps-for-getting-your-organization-gdpr-ready","status":"publish","type":"post","link":"https:\/\/qadit.com\/blog\/7-steps-for-getting-your-organization-gdpr-ready\/","title":{"rendered":"7 steps for getting your organization GDPR-ready"},"content":{"rendered":"<div>\n<div class=\"entry-content\">\n<p><img decoding=\"async\" src=\"https:\/\/www.helpnetsecurity.com\/images\/posts2018\/richard_poole.jpg\" class=\"alignleft\" alt=\"GDPR-ready organization\" title=\"Richard Poole, CTO EMEA at harmon.ie\" \/>While the EU has long had data protection standards and rules, its regulators have not had the means to compel compliance until now. Under the <a href=\"https:\/\/www.helpnetsecurity.com\/tag\/gdpr\/\">General Data Protection Regulation<\/a> (GDPR), financial penalties for data protection violations are <a href=\"https:\/\/www.helpnetsecurity.com\/2016\/07\/14\/gdpr-fines-320-billion\/\">severe<\/a>: up to \u20ac20 million (about US$24.8 million) or 4 percent of annual global turnover, whichever is higher.<\/p>\n<p>What\u2019s more, the GDPR does not apply only to EU businesses, but to any organization, regardless of location, that processes the personal data of individuals in the EU. Organizations everywhere therefore need to take real steps to improve how they collect and manage data.<\/p>\n<p>At its core, <a href=\"https:\/\/www.helpnetsecurity.com\/2018\/01\/04\/building-program-gdpr-compliance\/\">GDPR compliance<\/a> is about following sensible information management practices. In practice, however, business users often do not follow their organization\u2019s information governance policies, whether because storing content in the approved platforms is tedious or out of simple ignorance of the rules. 
Compliance with the GDPR therefore requires practical steps that both improve employee awareness and make it more likely that people will follow the rules.<\/p>\n<p>That is easier said than done, and business leaders need practical, actionable strategies they can implement to meet the new requirements. Here are seven steps to help organizations improve data management and close the <a href=\"https:\/\/www.helpnetsecurity.com\/2017\/06\/06\/moving-towards-compliance\/\">GDPR compliance gap<\/a>.<\/p>\n<h3>1. Get explicit customer consent<\/h3>\n<p>From fitness apps to online checkouts and contracts, companies are collecting more consumer data than ever before. Under the GDPR, be clear about what information you collect and how it will be used, and keep a written record (a privacy notice and the consent itself) that states both. Consent must be freely given, specific, informed and unambiguous, so pre-ticked boxes and consent bundled into other terms do not count. Also collect only the data you need: if you have no specific reason to know a person\u2019s ethnicity (a special category of data that requires explicit consent), remove those prompts from your website.<\/p>\n<h3>2. Centralize data storage<\/h3>\n<p>As far as possible, unify your content repositories. Aim to store all personal customer data in one environment, or connect your on-premises and cloud deployments. If that is not possible, make sure each department has a single space for storing data. Eliminate <a href=\"https:\/\/www.helpnetsecurity.com\/tag\/shadow-it\/\">shadow IT<\/a> and train all staff to follow these practices.<\/p>\n<h3>3. Audit the information you have<\/h3>\n<p>One of the easiest ways to begin complying with the GDPR is to audit all the information you currently hold and search for any personally identifiable information across your organization, including file shares, mailboxes and backups. Move what you need to keep to the central repository and delete the rest.<\/p>\n<h3>4. 
Make subject access information easy to find<\/h3>\n<p>From 25 May 2018, individuals can make a \u2018subject access request,\u2019 and the company must respond, normally within one month and free of charge, with a copy of all the personal data it holds on them. To comply, you need to be able to retrieve everything about a specific person reliably, which may mean pulling records from multiple systems, so have the technology and processes in place to do so.<\/p>\n<h3>5. Security, security, security<\/h3>\n<p>Any data you collect through internal systems must be stored on a secure platform. Assess your current cybersecurity measures, make sure basic controls such as encryption (in transit and at rest), strong authentication and access controls are in place, and then promote good security practice across the organization.<\/p>\n<h3>6. Implement accountable records management<\/h3>\n<p>Personal customer information that your staff receive must be recorded centrally, have permissions and metadata tags applied, and be destroyed when no longer required. Don\u2019t keep paper records, and implement strict, automated retention rules that define how long you hold this information and when it is deleted.<\/p>\n<h3>7. Honor customers\u2019 right to be forgotten<\/h3>\n<p>The GDPR lets individuals demand that an organization erase the personal data it holds on them, subject to the exceptions the regulation allows. To honor this, make sure all personal information lives in the central environment described in step 2, so it can be removed easily and completely, including from any copies and backups where that is feasible.<\/p>\n<p>Improved data management and information governance is good for everyone, but it is becoming critical for GDPR compliance, and organizations that do not get on board will end up paying both financially and legally. 
These seven steps will put you well on the way to revamping how your organization stores data and make for a more secure and better organized business.<\/p>\n<\/div>\n<\/div>\n<p><b>Read the full article here: <a href=\"https:\/\/www.helpnetsecurity.com\">Help Net Security &#8211; News<\/a><\/b><\/p>\n","protected":false},"excerpt":{"rendered":"<p>While the EU has had long established data protection standards and rules, its regulators haven\u2019t truly commanded compliance until now. Under the General Data Protection Regulation (GDPR), financial penalties for data protection violations are severe \u2013 \u20ac20 million (about $24.8 million USD) or 4 percent of annual global turnover (whichever is higher), to be exact. &hellip; <\/p>\n<p class=\"link-more\"><a href=\"https:\/\/qadit.com\/blog\/7-steps-for-getting-your-organization-gdpr-ready\/\" class=\"more-link\">Continue reading<span class=\"screen-reader-text\"> &#8220;7 steps for getting your organization 
GDPR-ready&#8221;<\/span><\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":true,"jetpack_social_options":{"image_generator_settings":{"template":"highway","enabled":false},"version":2}},"categories":[12],"tags":[293],"class_list":["post-4452","post","type-post","status-publish","format-standard","hentry","category-itsec","tag-wonder-information"],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/p9AH7Q-19O","_links":{"self":[{"href":"https:\/\/qadit.com\/blog\/wp-json\/wp\/v2\/posts\/4452","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/qadit.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/qadit.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/qadit.com\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/qadit.com\/blog\/wp-json\/wp\/v2\/comments?post=4452"}],"version-history":[{"count":1,"href":"https:\/\/qadit.com\/blog\/wp-json\/wp\/v2\/posts\/4452\/revisions"}],"predecessor-version":[{"id":4453,"href":"https:\/\/qadit.com\/blog\/wp-json\/wp\/v2\/posts\/4452\/revisions\/4453"}],"wp:attachment":[{"href":"https:\/\/qadit.com\/blog\/wp-json\/wp\/v2\/media?parent=4452"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/qadit.com\/blog\/wp-json\/wp\/v2\/categories?post=4452"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/qadit.com\/blog\/wp-json\/wp\/v2\/tag
s?post=4452"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}