Serve-iT

View Original

GDPR is dead, long live GDPR

Krist Cappelle

First of all, at the start of this new year, it is time to wish you 

The very best for 2019.

Now with this new year, most of the GDPR hype is over, we got rid of all the emails requesting for our consent and the media have discovered other items to talk about.

For those that have already gone through the effort of adapting their way of working to make it GDPR compliant: congratulations!

For the others:

The best time to prepare for GDPR was yesterday.

The next best time is today …

As the deadline of 25thof May is already long overdue, there is no more need for quick and dirty solutions, we can stop all the window-dressing and set up a decent organization, in line with the company standards and above all, with a pragmatic approach that does not disrupt our business.

We are lucky in Belgium that our DPA in Belgium (Data Protection Authority), has not started massive controls yet, so that gives us a little breathing space to get compliant.

But that should not at all be an excuse for ignorance!

As said before, if you go through the process of getting GDPR compliant just to avoid the fines, you haven’t understood the message.

Your employees, your customers, and all your other contacts deserve respect for their privacy and the (personal) data they entrust you. They are the ones that will benefit from this project and they will finally decide if they want to continue doing business with you…

Now, what are the top 5 items to focus on in 2019:

  1. Have your privacy and cookie policies updated in line with GDPR

    By doing this, your visitors know what happens with the data they leave behind, and you already give a clear signal that you care.

  2. Negotiate the necessary data processing agreements

    All subcontractors involved in the processing of personal data on your behalf should sign one.
    Not only will they be motivated to respect the rules on processing of your personal data, but you will also have a better insight in the quality of your subcontractors

  3. Have an information security framework in place.

    We based our approach on ISO27001, a worldwide renowned framework that will give you a clear overview of your current security status. This will be a baseline for further improvements and will provide an extra security guarantee to your customers

  4. Setup a risk management platform

    We call it a DPIA (Data processing impact analysis) but here again, you will benefit twice, as they will provide you with much more management information than what is required for the GDPR

  5. Start creating privacy wareness on all levels.

    GDPR is not a project for legal and IT departments. They are the ones leading the way, but they can only succeed when everyone within the organization is involved.

Now, how about outsourcing this project? 

We are best placed to take it out of your hands, so you can focus on your core activities.

Our team of highly experienced specialists has all the templates ready, can organize the necessary trainings and workshops and has you up and running in no time …

Contact us to get a detailed budget estimation, you might be pleasantly surprised …