The General Data Protection Regulation (GDPR), which became effective on May 25th 2018, is a big concern to many companies as they struggle to meet the regulation or, as some surveys show, are not even aware of its existence. Regardless of the current state of their data management systems, GDPR has to be implemented in every company that collects, handles and processes personal data of EU citizens. This new law, although introduced by the EU, applies to every company around the world that does any business in the EU. How do you know if you’re GDPR ready?
Know the basics
In order to make sure that you’re ready for GDPR, you need to know what it actually entails and which areas of your business it affects. GDPR applies to all organizations, regardless of their size and origin, which process and hold the personal data of EU citizens, as ins2outs wrote in their article. As such, the regulation affects every company that offers services or goods to EU citizens, monitors their behaviour or has an establishment based in the EU, even if its business is mainly or solely located elsewhere in the world.
Get a DPO
Most companies will be required to appoint a person responsible for overseeing GDPR compliance. A DPO, which stands for Data Protection Officer, will be the one responsible for protecting the business interests and checking on the data and the ways it’s stored, but they will also need to be in touch with the supervisory authority in order to report any breaches as soon as possible. The DPO is usually supported by a team of people, especially in bigger organisations, as their everyday job revolves around many different aspects of the business and it’s not possible for one person to do it all.