How HR Teams Can Plan And Prepare Businesses For GDPR Changes
With just a few weeks to go until the General Data Protection Regulation (GDPR) becomes law, it is important that your organisation is prepared. Here are three standards that all businesses should comply with:
Privacy by design – you should implement data protection before implementing any new procedures. In addition, you should:
- Be transparent about the data you collect and how it will be used.
- Minimise the processing of personal data where possible.
- Encrypt personal data so it cannot be used to identify an individual.
Increased rights of employees – all employees have the following rights:
- The right to know how and why personal information is being used.
- The right to access data and to have inaccurate data corrected.
- The right to be ‘forgotten’.
Accountability – to be considered accountable, an organisation must:
- Appoint a data protection officer (if necessary).
- Carry out privacy impact assessments.
- Consult with data protection authorities before new data protection activities can commence.
- Keep records of all processing activities.
To ensure that your organisation is compliant with the GDPR, HR departments should start undertaking privacy assessments, reviewing their data management processes and auditing stored data. If you want more information about keeping your organisation's data cyber safe, then contact Cyberguru. We can provide guidance on cyber security and preventing data breaches, and offer specialist cyber solutions tailored to your business needs.