GDPR is the new EU regulation for handling people’s personal data. It stands for ‘General Data Protection Regulation’ and comes into force on the 25th May 2018. This stringent set of security measures relate to how and where personal data is collected, handled and used. By reinforcing individuals’ rights and giving them back control, it’s hoped that the General Data Protection Regulation (GDPR) will restore confidence and strengthen the EU internal market.
GDPR contains 99 articles relating to all aspects of data protection. Some key elements include:
Data Protection by Design & by Default: This is at the heart of the General Data Protection Regulation (GDPR) and means building data protection into business processes, products and services from the outset.
Data storage, accessibility and processing: These require impact assessments and appropriate security measures, plus record keeping and regular audits.
Data Protection Impact Assessments (DPIA): A document that describes the nature of the data, the purpose of the transfer, how it is performed and the security configuration.
Consent: This requires organisations to give a clear explanation of what they will do with the data. The user must acknowledge agreement and this must be kept on record.
Right to erasure: This is where individuals can request that their personal data is erased permanently.
Subject access request (SAR): The data subject has the right to request all personal data a data controller has on them and this includes their supply chain.
Data portability: Individuals have the right to have their personal data transferred to another system or organisation.
Our managed file transfer specialists at Pro2col can help you to source and implement a secure file transfer solution to suit your business requirements and align the processing of data, in accordance with some articles of General Data Protection Regulation (GDPR). Please contact us on 0333 123 1240 for more information.