You’ve probably heard about this whole GDPR thing, but you might not know how it affects your business. Let us explain.
Some things to highlight about GDPR: Data must be deleted if an individual no longer wants a company to process their data. Companies collecting customer data or processing sensitive data on a large scale must appoint a data protection officer. Companies must notify national authorities within 72 hours of detecting serious data breaches.
So, what is GDPR and how does it affect you? The European Union created the General Data Protection Regulation (GDPR), a regulation that standardizes how companies collect and store personal data about EU citizens. With data governance standardized, there’s now an official governing data policy stating that companies are fully accountable for what happens with customer data.
Although this might sound complicated, here are some simple steps to ensure compliance:
1) Familiarize Yourself
Know what data your business collects, where and for how long it’s stored and, most importantly, how that data is being used.
2) Do Your Homework
Review your security policies around data protection and add language that provides for GDPR compliance.
3) Keep Your Customers in the Loop
For true compliance, create a consent policy that’s clear and specific, so customers know how and where you’re using their data.
4) Ready, Set, Requests
Prepare for data requests from customers to access, correct, object to or even completely delete the data you’re storing. Know the time frames associated with these requests, and again, ensure that the request process (much like the consent) is easy and clear to your customers.
This is vital if your company does business with the EU, but even if you don’t, compliance is highly encouraged. At the very least, this is an important reminder of the changes happening in the digital space. For further assistance with GDPR compliance or to learn how PAVLOV can help your business, give us a ping.