The General Data Protection Regulation
(GDPR)

is the EU law governing personal data protection and privacy in the European Union.

It also addresses the transfer of personal data outside the EU and EEA areas.

THE GDPR OPPORTUNITY

Under the GDPR, personal data is data that relates to or can identify a living person, either by itself or together with other available information.

Examples of personal data include a person’s name, phone number, bank details and medical history.

WHAT IS DATA PROCESSING

The GDPR considers ‘data processing’ as any operation performed on personal data, such as use, reading, structuring, deletion, modification etc.   Simply storing personal data electronically or in structured hardcopy constitutes ‘processing’ personal data.

A data subject is the individual to whom the personal data relates.  Both employees and customers are data subjects.

The entity responsible for managing the use of data is called a ‘data controller’;

The entity carrying out the actual processing is called a ‘data processor’. A single company can be both data controller and data processor at the same time.

THERE ARE TWO FACTS EVERY ORGANISATION SHOULD REALISE ABOUT THE GDPR

THE GDPR OPPORTUNITY

The GDPR brings many positive aspects to the business world and can help your business stand out from your competitors.

If you wish to learn all about how GDPR opportunities can be made real in your business, click here

GDPR COMPLIANCE OBLIGATIONS

Controllers and Processors established in the EU will be subject to the GDPR concerning the processing of personal data, regardless of whether the processing of personal data takes place in the EU or not. Controllers and Processors that target data subjects in the offering of good and services, or monitoring of citizens within the EU must comply.  Even if the business is not based in the EU.  So how does an organisation comply with the GDPR in practice?

THE GDPR ACCOUNTABILITY PRINCIPLE

The Accountability principle is what makes you responsible for complying with the GDPR and it requires that organisations must be able to demonstrate compliance with this law.

Measures that would enable an organisation to demonstrate GDPR compliance include:

  • Adequate documentation on what personal data is processed
  • Documented processes, procedures and decisions around tackling data protection issues. For example, handling a data breach or responding to a request for CCTV footage
  • The presence of a Data Protection Officer (if required)
  • Training records that indicate appropriate data protection training has been provided for all staff

WHAT ‘HELP WITH IMPLEMENTING GDPR’ MIGHT MEAN

GDPR Compliance

You need to put a GDPR compliance plan in place
and start to implement it

GDPR Program

You have already started a GDPR program and you need help with training / risk assessments etc

GDPR Audit

For a GDPR audit across
the whole, or part of, your
organisation

GDPR Templates

You need templates for data protection policies / transparency notices / GDPR records etc.

THE OUTCOME

According to a recent report by the Capgemini Research Institute there are higher-than-expected benefits of being compliant, such as increased customer trust, improved customer satisfaction, strengthened employee morale, better reputation, and positive impact on revenue.

These benefits should encourage every organization to achieve compliance.

Complete the form below and we will get in touch to discuss what is required for your organisation to demonstrate compliance with the GDPR.

Opportunities gained from GDPR implementation

Builds trust with customers and other businesses

Trust

If people trust your business they are more likely to entrust you with their personal data

Organisations

that want to do business with yours are provided with legal certainty

Complaints

to the data protection authorities will not come from your data subjects!

Opportunities gained from GDPR implementation

Data Protection Risks

Data protection risks are recognised and mitigated

Training

Proper training creates more confident, happier employees

Transparency

Transparency about data handling allows your customers to communicate data protection concerns to your staff

Knowing Data

Knowing that their own data is being treated properly creates loyalty among staff

Other ways MCS can help you reap the benefits of GDPR and keeps you up to date with the regulation in practice

  • Help with third party risk management strategy

  • Mentorship for your Data Protection Officer

  • Updates on recent GDPR case studies