GDPR - General Data Protection Regulation
“Privacy is not for the passive.”
General Data Protection Regulation (GDPR)
What is GDPR?
The General Data Protection Regulation (EU) 2016/679 is a regulation in EU law on data protection and privacy for all individuals within the European Union and the European Economic Area. It also addresses the export of personal data outside the EU and EEA.
The BS 10012 standard provides a framework for legal compliance and tender success.
What Are the Benefits of GDPR Regulations?
Compliance with the GDPR is not only a legal requirement; it can also contribute significantly towards keeping information safe and deliver many of the following benefits to your organisation.
- Significantly reduced risk of reputational damage, legal penalties or lost business revenue due to loss of sensitive or Personally Identifiable Information (PII)
- Peace of mind assurance to our customers, staff, board members, suppliers and other interested parties that their data is secure
- A public demonstration that your organisation takes information security seriously
- Internal and external recognition of the quality of the information security controls in place
- Year-on-year improvement in the security of information assets as a result of continuous improvement
- A strong move away from reactive fire-fighting towards proactive security incident reduction
- Better alignment of information security controls with the needs of the business and our customers through regular review meetings with interested parties
- Better perception and awareness of information security issues within the business, our customers and the internal IT user population
- An improved ability to manage information security breaches if they do occur, so reducing reputational damage and limiting business impact to us and our customers
General Data Protection Regulation – The Kaizen 10 Steps to Compliance
1. Ensure decision makers are aware of the GDPR requirements.
2. Document the personal data you hold.
4. Develop and implement your data management procedures.
5. Develop and implement subject access rights procedure.
6. Develop and review your consent management.
7. Develop and implement your procedures for verifying ages and verifying consent for data processing.
8. Develop and review your data breach procedures.
9. Become familiar with the ICO’s code of practice on privacy impact assessments and the Article 29 Working Party guidance.
10. Designate a Data Protection Officer to manage your GDPR compliance.
What is BS 10012?
BS 10012 is the British standard for Personal Information Management. It provides a framework for maintaining and improving compliance with data protection requirements and good practice, and enables organisations to become GDPR compliant.
This standard also provides a framework for legal compliance and tender success.
What are the Benefits of BS 10012 Personal Information Management?
BS 10012 provides a best practice framework for a personal information management system that is aligned to the principles of the EU GDPR. It outlines the core requirements organisations need to consider when collecting, storing, processing, retaining or disposing of personal records related to individuals in line with GDPR.
Easily integrated with other popular management system standards, BS 10012 brings big benefits to companies of all sizes, including:
- Helps to identify and manage risks to personal information
- Supports regulatory compliance with data protection legislation
- Inspires customer trust
- Protects your organisation's reputation
Benchmark your own personal information management practices against recognised best practice, and ensure your company operates lawfully and your personal data is secure through the Kaizen GDPR compliance programme.