1.What is the EU GDPR? – General Data Protection Regulation - To replace and legislate the previous Data Protection act, which comes into effect 25th May 2018
2. Why has it come about? – More data processing/handling cross-border
3. What are the implications? – Heavy fines for non-compliance
4. How do I know if I am liable? – Do you handle any type of personal data?
5. What is and do I need a DPO? – It might be advisable to appoint a Data Protection Officer to oversee GDPR compliance, sources say 20,000 of these individuals might be required across the EU
6. How do I prove accountability? – Understanding all checks and balances (Impact Assessments) concerning personal EU citizen data that you might have
7. Are your staff aware, prepared and trained? – Understanding who has access and what they should do in any eventuality
8. Understanding data flows internally and externally – Are you able to track and control all personal data within your organisation and cross-border?
9. What is the impact to my current systems and services – Recommendations for additional technology and services such as security, storage, encryption, etc.
10. Are you ready for an EU Citizen to exercise their new rights? - Data subjects have extended rights under the GDPR. These include the right to be forgotten, to data portability and to be informed of risk (data breaches).
For more information and insight feel free to contact Karl Fontanari, Senior Partner, CNA International Executive Search at firstname.lastname@example.org ro call him at +44(0)1676 822 222 especially if you feel you might need help in finding a suitable DPO candidate for this purpose.