GDPR Compliance checklist
GDPR Compliance checklist - Are you ready for GDPR?
The European Parliament adopted the General Data Protection Regulation (GDPR) in April 2016, replacing an outdated data protection directive from 1995. It carries provisions that require businesses to protect the personal data and privacy of EU citizens for transactions that occur within EU member states. The GDPR also regulates the export of personal data outside the EU.
Starting on May 25th 2018, all businesses in the EU will need to comply with the new GDPR regulations or face sanctions, ranging from a simple written warning of non-compliance up to 20 million EUR or, in the case of an enterprise, 4% of the annual worldwide turnover of the preceding financial year, whichever is greater.
To help you get prepared, here's a quick checklist to survive this new regulation:
GDPR Compliance checklist
1) Awareness and communication
Develop an Information Security Policy so that all employees understand GDPR, and communicate to departments and staff why you are collecting data. Develop a culture of privacy within the company in order to implement data protection by design and by default.
Analyse and maintain an inventory of all sensitive data you store and process, and identify who is responsible for each category of data. Customer data needs to be retained on servers that are physically located in the EU, even if it is processed as part of a global product or service.