The General Data Protection Regulation (GDPR) comes into force on 25 May 2018.
If your company handles the personal data of UK or EU residents, you need to have the right processes in place and be able to demonstrate compliance.
It’s hugely important – the range of penalties for personal data breaches go from a simple warning, up to a fine of 4% of annual global turnover or 20 million euros for the most serious infringements. And individuals can claim compensation for failures to protect their personal data.
The GDPR features a number of detailed requirements, including specific transparency duties; time limits on informing authorities about data breaches; mandatory Data Protection Impact Assessments and data processing registries; and the secure encryption of personal data.
Plus, you need to be able to respond to requests from individuals whose data you handle; including requests for access, corrections and the ‘right to be forgotten’.
What should you do?
We advise that you look at three main areas, covering accountabilities, policies and procedures; compliance and risk activities; and implementation of security measures.
You should use best practices to address the GDPR requirements, such as ensuring you have organisational policies and procedures that follow GDPR; meeting transparency requirements through tracking your data processing activities; implementing technologies to prevent and detect security threats; and having robust mechanisms to assess the privacy, business and financial impact of data breaches.
How can Unifii help in 2018?
Our consultants can help you leverage the flexibility of ServiceNow to ensure you are ready for GDPR through helping maintain transparency and visibility of your personal data processing, and through policy management, including data protection, security policies and code of conduct.
We can advise you on:
- Importing and mapping GDPR requirements
- Risk evaluation and management
- Auditing and data subject requirements
- Personal data assets requirements – e.g. following demands ‘to be forgotten’.
What makes the Unifii offering unique?
Our team is a combination of ServiceNow specialists and consultants who have joined us from client side roles. We are uniquely positioned to understand what you need in terms of structure, design and delivery – and will be there to advise you every step of the way.
The GDPR is coming, you need to be ready before May 2018 to ensure you are able to demonstrate ongoing compliance thereafter. Our consultants can advise you on getting the most from ServiceNow, as well as running workshops with a GDPR specialist to help you update your processes.
For more information or advice on your GDPR requirements, contact us today – we’re always happy to share our experience and expertise.
Telephone: +44 (0) 20 7760 7513