Email: info@gdprservice.ie | Telephone: 091 450 817

GDPR COMPLIANCE EFFORTS

WE HELP YOU WITH YOUR

WEB SERVICES IRELAND

WELCOME TO GDPR

Welcome to GDPR Services

WE HELP YOU WITH YOUR DATA PRIVACY & COMPLIANCE
OBLIGATIONS

AFFORDABLE GENERAL DATA PROTECTION SERVICES FOR YOUR WEBSITE

GET GDPR COMPLIANT SERVICE FOR YOUR WEBSITE

The General Data Protection Regulation (GDPR) is in force as of the 25th May 2018, replacing the existing data protection framework under the EU Data Protection Directive. GDPR is now law and applies to all businesses that collect, handle or in any way process personal data of an EU Citizen. You are legally obliged under the new General Data Protection Regulation to have systems and policies in place outlining how you handle personally identifiable user data and how you are protecting the data you have.

The DPC is also an active participant in the European Data Protection Board (EDPB), which replaced the Article 29 Working Party (WP29). The EDPB comprises representatives from each EU member state’s supervisory authority. The role of the EDPB will be to ensure the consistency of the application of the GDPR throughout the European Union by issuing guidelines, opinions and decisions.

As a regulation, does not generally require transposition into Irish law (regulations have ‘direct effect’), so organisations involved in data processing of any sort need to be aware the regulation addresses them directly in terms of the obligations it imposes. The GDPR emphasises transparency, security and accountability by data controllers and processors, while at the same time standardising and strengthening the right of European citizens to data privacy.

Raising awareness among organisations and the public of the new law will be a combined effort of the Data Protection Commission (DPC), the Government, practitioners, and industry and professional representative bodies. The DPC has been proactively undertaking a wide range of initiatives to build awareness of the GDPR, in particular providing guidance to help organisations prepare for the new law which is in force as of 25th May 2018.

Take the right approach to GDPR compliance

While it may sound overwhelming, there are ways to make compliance more manageable. Here are five steps that will help you on your journey to GDPR compliance.

Gdpr Galway

Many organizations around the world have the European Union (EU) General Data Protection Regulation (GDPR) in their sights. They know that regardless of where they’re based, the regulation affects them if they’re supplying products or services to EU citizens or organizations. And they realize that if they don’t comply, it could cause serious damage. Not only hefty fines and legal costs but also widespread business damage from a tainted reputation.

It’s clear that noncompliance with the GDPR could be a real threat to the future of many organizations. But on the other hand, personal data has tremendous value. If it’s managed properly, it can create a significant competitive advantage. Let’s look at the steps you can take to achieve GDPR compliance – and, while you’re at it, position yourself in the best way possible to get an edge over competitors.

So what does this GDPR business means?

Simple. We are obliged under this law, to have a privacy policy in place and state how we protect our clients’ data. This applies to everyone, even companies outside the European Union if they have links or trading within the EEA space.

So… I have a website. What must I do?

  1. Privacy Policy in which to state all your technical cookie information.
  2. Explain clearly how you protect your customers’ data.
  3. Protect your personal computer with GDPR ready policies antivirus software, which we sell also.
  4. Explain why you are tracking the behaviour of your website’s visitors.
  5. Inform all users of the website of what analytics or other tracking technologies are being employed on the website.
General Data Protection Services Galway
  • ACCESS

    The first step toward GDPR compliance is to access all your data sources. No matter what the technology – traditional data warehouses and Hadoop clusters, structured and unstructured data, data at rest and data in motion – you must investigate and audit what personal data is being stored and used across your data landscape. Seamless access to all data sources is a prerequisite for building an inventory of personal data so you can evaluate your privacy risk exposure and enforce enterprisewide privacy rules. To address GDPR compliance, you can’t rely on common knowledge or perception of where you think personal data might be. The regulation requires organizations to prove that they know where personal data is – and where it isn’t.

  • Identify

    Once you’ve got access to all the data sources, the next step is to inspect them to identify what personal data can be found in each. Often, personal data is buried in semistructured fields. You’ll need to be able to parse those fields to extract, categorize and catalog personal data elements such as names, email addresses and social security numbers. Considering the volumes of data at hand, this cataloging process can’t be manual. And you not only need to parse and classify personal data – you also have to accommodate varying levels of data quality. Things like patterns recognition, data quality rules and standardization are vital elements of this process. Having the right tools for the job will make a big difference in your ability to maintain GDPR compliance.

  • Govern

    Getting a grasp on personal data starts with being able to define what personal data means and then share this understanding across your organization. For GDPR compliance, privacy rules must be documented and shared across all lines of business. This is the way to make sure personal data can only be accessed by those with proper rights, based on the nature of the personal data, the rights associated with users groups and the usage context. To achieve this, roles and definitions must be established in a governance model. Then you can link business terms to physical data sources, and establish data lineage from the point of creation to the point of consumption. This provides you with the required level of control.

  • Protect

    Once the personal data inventory and governance model are established, it’s time to set up the correct level of protection for the data. For GDPR compliance, you can use three techniques to protect data: encryption, pseudonymization and anonymization. You must apply the appropriate technique based on the user’s rights and the usage context – without compromising your growing needs for analysis, forecasting, querying and reporting. The easiest way to protect data privacy is actually to press the delete button, keeping only the data you need to run critical business processes and added-value analysis.

  • Audit

    The fifth step in your journey to GDPR compliance involves auditing. At this stage, you’ll need to be able to produce reports to clearly show regulators that you know what personal data you have and where it’s located, across your data landscape, then you properly manage the process of getting consent from individuals who are involved. You can prove how personal data is used, who uses it, and for what purpose. Make sure that you have the appropriate processes in place to manage things like the right to be forgotten, data breach notifications and more.

© Copyright - GDPR Galway Services | General Data Protection Services Galway | Email: compliant@gdprservice.ie