GDPR. Rings a bell?
Well, it should. GDPR stands for General Data Protection Regulation. This one makes us busy nowadays, as all individuals, organisations and companies that are either "controllers" or "processors" of personal data will be covered by the GDPR. To make a long story short: it will overhaul how businesses process and handle data. It's alright to have déja vu, if you were old enough to remember Y2K...
And it will come into force on May 25, 2018. You may say "we still have almost three months" or "OMG, only a little more than two months?!" depending on your temper.
Elizabeth Denham, the UK's information commissioner, who is in charge of data protection enforcement, says she is frustrated by the amount of "scaremongering" around the potential impact for businesses. "The GDPR is a step change for data protection," she says. "It's still an evolution, not a revolution". (via wired)
A plan to become GDPR compliant by May 25, 2018
Your organisation is not yet working on GDPR? No reason for panic, as a recent study showed this to be the case for more than 60% of organisations. But it does mean that it’s time for action now.
It all starts with a GDPR assessment, in which the organisation’s ‘gap’ regarding GDPR legislation is determined and an action plan is drawn up accordingly. An important part of this is creating an initial inventory of the personal data in your organisation to provide a clear picture of the e ort required to become GDPR compliant.
For a mid-sized organisation, at least 3 months are usually needed to carry out the action plan and the GDPR implementation itself. In order to become GDPR compliant by 25 May 2018, it is best for an initial GDPR assessment to take place as soon as possible. (via BDO)
And be prepared.