GDPR is built around six official data protection principles, plus an important addition: accountability. Organisations are responsible for ensuring that each of the principles is met. Here we cover what they are and what they mean for your business.
One of the big changes moving to GDPR is the power to measure fines against global turnover. This ability – at the discretion of the ICO – enables much larger fines than those currently in place. However, a data breach could cost you more than a fine.
A Subject Access Request (SAR) gives individuals the right to request the personal data that a company holds on them. The aim is to help people understand why and how companies use their data, as well as who it is disclosed to.
The GDPR applies to personal data, meaning any information relating to an individual who can be directly or indirectly identified by reference to an identifier. This infographic shows the variety of identifiers that are subject to GDPR.
GDPR ensures that personal data privacy and security are treated as a priority; the consequences of failing to safeguard customer data can be serious. So how can you ensure that your business meets the requirements and succeeds at GDPR?
GDPR is not just for organisations that process large volumes of data; if you process data (which according to the regulation, you probably do), it applies. Here’s a practical approach to help you get started and ensure that you are GDPR compliant.