The EU’s General Data Protection Regulation effective & enforced on May 25, 2018 being one of the largest and most globally recognised data privacy laws in the world. It requires that all companies and personal businesses comply in the way they handle European citizens data (consumer) not matter your industry or country you may be doing business in; it affects the globe.
So what is the point of the GDPR? A powerful data protection ACT first proposed in early 2012 with its main implementation allowing European citizens to gain control over their personal data and the way its handled and if that person wants it to be handled at all. This in itself will catch a lot of businesses without recognising the requirements.
What are your requirements? If you are involved in handling consumer data (that including any third parties) to any particular service you offer or manage. Recognition that if a individual no longer wants their data to be processed; to have the option to delete the data (provided the activity data in not illegal or holds legal rights or protection of the commonwealth system and requires to be held). All Companies have the obligation to notify the relevant national supervisory of any serious data breaches. These are just some of many requirements.
How to prepare for GDPR? Some simple steps should be taken in order to be compliant and aware. You should seek legal advise if you are unsure and analyse how your business make affect privacy regulation and data processing. Advise your staff and train them about responsibilities as a person and representative of a company/s they work for. Assign a responsible (nominee or officer) for all complaint, data reviewing & com-pliancy. If in doubt; seek legal advise or as a minimum speak to a professional in your industry practises of trade and data security.