In under four months, Europe’s data protection regulations will undergo the biggest modernization in two decades. The EU’s General Data Protection Regulation (GDPR) is set to be enforced by 25 May 2018 – at which time non-compliant organizations will face heavy fines of up to 4% of their annual turnover.
At present, Gartner predicts that by the end of 2018, more than 50% of companies affected by the GDPR will not be in full compliance with its requirements.
What you may need to do:
Demonstrate compliance by maintaining a record of all data processing activities
Data Protection Assessment Impact Analysis (DPIA)
Conduct a DPIA if the processing activity is likely to result in a high risk to the rights of individuals
Keep Personal Data secure through appropriate technical and organizational measures
Report data breaches within 72 hours to the regulator
Data Protection Officer
Appoint a Data Protection Officer if processing sensitive data
Transfer data outside the EU if appropriate safeguards are in place
To assess your firm's readiness for the GDPR, you can use the checklists below, published by the Information Commissioner’s Office: