Questions about GDPR?
If you’re working in a European Union (EU) business and you haven’t heard about GDPR already, then you should have… and you will in 2018.
The General Data Protection Regulation is an instrument by which the European Parliament, the Council of the European Union and the European Commission intend to strengthen and unify data protection for all individuals within the EU.
It has been variously called “a game-changer” and “the biggest shake up in 20 years.”
But for companies that must comply with it by May 25 this year, the regulation, which gives citizens much greater control their personal data, is potentially a bit of a headache.
The key thrust of GDPR is that it allows citizens to better control their personally identifiable information (PII). The EU says the regulation will give citizens:
- The right to know when their personal data has been hacked, since organisations will have to inform individuals promptly of serious data breaches, and will have to notify the relevant data protection authority.
- A clearer right to erasure (or the ‘right to be forgotten’), so when an individual no longer wants their data processed and there is no legitimate reason to keep it, the data will be removed.
- Easier access to their data, including providing more information on how that data is processed and ensuring that the information is available in a clear and understandable way.
- A new right to data portability, making it easier to transmit personal data between service providers.
For companies, the challenge will be to identify all relevant PII and make sure it can be easily provided to an individual or deleted if needed. And this PII can include all information about staff and customer certifications.
If you hold this kind of information on spreadsheets or other traditional methods, complying with GDPR could be a problem because you have to track down and take into account every single copy of documents containing PII.
That is why you might want to consider moving to a central, cloud-based system such as Papertrail. With Papertrail, you store all relevant certification data in one place, and can access it quickly and easily from anywhere.
You also benefit from holding the data in a highly secure environment, where access is restricted to the administrators you choose. In theory, Papertrail covers most of the GDPR boxes you need to worry about but by all means get in touch for more information.
Contact us now for more information about how to make your business more efficient and compliant, no matter where you are.