The General Data Protection Regulation (GDPR) is a European Union (EU) regulation that specifies how an organization should process and manage personal data.
Are you a manager in a company and want to know more about these regulations? Where to start? Here are some tips that can help you get started! Here is a simple guideline and the main points of this regulation.
History
GDPR is an EU regulation that was first enacted in 1995.
Protect whose data?
We are talking about the privacy of an individual’s data
- customer,
- an employee
- a business partner
What information is taken into account?
- Last name First Name
- Address
- Date of Birth…
- Sensible information can be religion, biometric data, DNA…
General guideline
It all depends on how you manage the data. Transparency. How to minimize and limit storage. Confidentiality (security). Be responsible for the data.
Simply put, a person’s data is like a human right. They have the right to know (transparency), to have access, to modify, to delete and to transfer their data to another company if they wish. They can also object. This is why respect for this right is very important.
Where to start ?
- Examine all the data and ‘clean’ and remove what is not necessary in your database.
- Inform when you take personal data.
- Secure data and limit access to these files with strong passwords. If you have an IT department, ask them to secure this information.
- Consult your own legal and/or professional advisers if necessary.
To find out if you are ready here is an online quiz:
https://www.pwc.com/ca/en/services/consulting/privacy/general-data-protection-regulation.html
