An idiot's guide to GDPR...
Sinitta Callman
Diversity, Equity & Inclusion in Recruitment | Talent Acquisition Professional | Champion for Equity and Inclusion
GDPR – What is this you ask? To put it simply, I don’t know... Just kidding! I have written this article with the hope that it can give you some key facts regarding the legislation that is coming into play next year.
For many recruiters the term GDPR has been flying around for months now; however, who has really taken notice of it until more recently? Well, to start with the simplest thing first: what does it stand for? General Data Protection Regulation (you are welcome).
In under 6 months, Europe’s data protection rules will experience the biggest change they have undergone in 20 years! This new legislation will change the way businesses and public sector organisations handle customer information.
I have to admit after doing my research on GDPR I was surprised by the amount of scaremongering around what the impact might be for businesses.
However I get why so many people may be confused. Fear not! I am going to try and make things clearer for you.
Here are the top facts on what you need to know about GDPR:
1) GDPR is Europe’s new framework for data protection laws – it will be replacing the previous 1995 data protection directive.
2) They have been discussing this legislation for FOUR YEARS – now GDPR has finally been adopted by both the European Parliament and the European Council.
3) GDPR comes into force on the 25th May 2018.
4) This will give people new rights to access the information companies keep about them, obligations for better data management for businesses and of course new fines!
5) Brexit will not affect this; we will still follow this legislation.
6) Individuals, organisations and companies that are either controlling or processing personal data will be impacted by GDPR.
7) Information considered sensitive such as name, address, genetic data, information about political/religious views, sexual orientation and more will be covered by GDPR.
8) Where GDPR is different to other legislation is that even pseudonymised personal data can fall under the act (if like me you didn’t know what pseudonymised meant until reading this article then click the word and it will direct you to the meaning, again you are welcome!)
9) It will make it easy for people to access the information companies have on them, and it brings new fine regimes and a clear responsibility for organisations to get consent from the people they collect info on.
10) If an individual asks for the information the organisation has on them, the organisation will have to produce this within one month.
However I don’t claim to be an expert on GDPR and honestly I am trying to get my head around all of it still!
If you would like to learn more then have a read of the full legislation, I warn you it is 88 pages long!!!!
Keen to hear people’s thoughts on GDPR and the changes your business is making to comply, especially keen to hear other recruiters’ thoughts on the new legislation.
Experienced and results-driven IT Manager and Technical Project Manager
7 years ago
One of the bigger challenges posed by GDPR is capturing a data breach and reporting it within 72hrs! Reporting may not be an issue, however proactively catching a breach or identifying a breach will be challenging and require organisations to think about access control and intruder detection and tracking! This will drive up TOC with the added factor of managing the on-going budget cuts.
Identity, Security and the Economics of Technology
7 years ago
The reason people are paying attention to GDPR is the potential for the EU to assess fines of up to 4% of GLOBAL SALES of a company for violations. No one knows how aggressive enforcement will be, but given the aggressive approach the EU has recently taken on a different class of issues -- tax avoidance (e.g., by Apple in Ireland) -- it's not something that multinationals can afford to ignore.
Digital Marketing Manager at GenesisCare
7 years ago
Elliot Morrow
Sales expert: 25+ years driving tech revenue, Consulting Solutions: SaaS/Tech/MSP/Cloud/AI. Business Transformation, GRC, Compliance + Cost Optimisation. Expert E-2-E Qualification & Business Development/Sales Processes.
7 years ago
We (CenturyLink) are a global <> local Communications expert, working closely with our partner Company 85 to deliver a 'GDPR' readiness assessment to prepare companies for the deadline next May. Please get in touch with me via LinkedIn if you'd like to know more or have a specific requirement.