Search Our Site

2,869,445 registered online learners.
38 New learners so far today.

GDPR: How should your company ensure it has the right skills and capabilities for the future?

schedule 1 week, 2 days by Roger Moore in Virtual College

Business talking amongst each other

In less than a year's time, one of the biggest regulation changes to data protection will occur, so how can your business ensure it has the right skills and capabilities for the future?

On May 25th 2018, the General Data Protection Regulation (GDPR) will become law to any business that operates within the European Union (EU) regardless of Brexit. This will mean that companies will have to rethink the way they handle data on a company-wide scale.

The GDPR has been designed to protect the way citizens’ data is handled and ensure that organisations are including ‘privacy by design’ in their security strategies, so they are held more accountable to their customers.

Currently, businesses in the UK and EU that gather information on individuals do not have to reveal if they have been hacked, but as of next May, this will all change and companies that fail to adhere to this could face huge fines. Moving forward, how can you ensure that your company has the right skills for the future? Here we take a look a factors you need to be aware of.

Rights of the individuals

The GDPR will allow citizens to request their data to be forgotten and restrict the amount of information a company holds on them. This is why businesses must ensure they have enough resource to go over the rights of the individuals they have data on and check their procedures. This must include how you would delete personal data electronically and in a commonly used format.

Spreading awareness

While the decision makers and key professionals within your organisation may have heard of the upcoming GDPR, they may not fully understand it or be aware of its complications. To ensure a smooth transition and to avoid any fines that harm your business, it is crucial that they are brought up to speed on the impact this will have.

Once they are aware, the correct training can be provided to the rest of the company to make sure they are compliant.

Lawful basis

A capability that your business must confirm is whether or not it has a lawful basis for processing personal data. Companies must identify the lawful basis for their processing activity in the GDPR, document it and then update their privacy notice to explain it.

Appoint a DPO

Depending on the amount of data you process, you may need to hire a data protection officer (DPO) to take responsibility for data protection compliance and assess the impact this will have on the business's structure. Even if you’re a small business, if you handle a high volume of data, it is likely you’ll require a DPO.

Sources
www.ico.org.uk
www.information-age.com


Related resources

Roger Moore - Virtual College

Author: Roger Moore

Roger graduated in economics from Warwick University and first had a career in teaching, progressing to head of business studies in a large comprehensive school. His long and varied marketing career included working for the world’s largest PR agency. He enjoys reading, swimming, country walking and watching and participating in racquet sports.

CPD
Investors
ISO 9001:2015
Microsoft

Click to chat

Login

We are currently transitioning to a new system. To help us direct you to the correct login please choose an option below.

LMS