The General Data Protection Regulation (GDPR) is coming and from 25 May 2018 organisations processing of personal data will have to comply.
At Chartered Developments we have been providing data services for over 20 years, Data Protection legislation is not new. However, the Data Protection changes in the GDPR significantly raises the benchmark for data protection compliance and organisations will need a process to achieve the stringent new standards.
With just a few months until “the most important change in data privacy regulation in 20 years” is enforced, we want to take this opportunity to update our clients on how we have implemented both technical and organisational measures as we prepare for the new legislation:
- Our Data Protection policies and procedures have been reviewed and updated to reflect the changes required under GDPR;
- Article 30 of the GDPR requires specific records to be kept of data processor activities. We now have additional procedures and record keeping to help clients map what personal data we hold on their behalf, where it comes from, who we share it with and what we do with it;
- We have always promoted a positive culture of data protection and compliance across the business, this is being further enhanced with ongoing data protection training for all staff;
- We have a process in place to respond to our client’s (data controllers) requests for any information they need following an individuals’ request to access or make changes to their personal data.
In addition to the above:
- In May 2017 we undertook an independent data protection audit and GDPR gap analysis and have been working through to ensure that Chartered Developments will be GDPR compliant;
- Our Managing Director, Anita Turner, has trained and is certificated in Level 3 Data Protection (Risk & Compliance), Data Protection Officer training, to ensure that we have all of the information, background knowledge and resources that are required to perform our duties and comply with our legal obligations.
Of course, our expertise is available to any of our clients. To start, we are working in conjunction with Mandy Webster, data protection lawyer, to launch a suite of tools called ‘Data Protection Byte-Sized’ to help SME’s move towards GDPR compliance. To learn more about this service, please click here. Alternatively, if you would like more information on how we can help your business or how we are preparing to comply with GDPR, do contact us.