The EU General Data Protection Regulation (GDPR) is coming into force on the 25th May 2018 to replace the Data Protection Act 1998. Are you, as a business which deals with the personal data of individuals, going to be compliant?
The responsibilities of a Data Controller
- Lawfulness, fairness and transparency
  - Information you hold
  - Lawful bases for processing personal data
  - Consent
  - Consent to process children’s personal data for online services
  - Registration with the Information Commissioner’s Office (ICO)
- Individuals’ rights
  - Right to be informed including privacy notices
  - Communicate the processing of children’s personal data
  - Right of access
  - Right to rectification and data quality
  - Right to erasure including retention and disposal
  - Right to restrict processing
  - Right of data portability
  - Right to object
  - Rights related to automated decision making including profiling
- Accountability and governance
  - Accountability
  - Data processor contracts
  - Information risks
  - Data Protection by Design
  - Data Protection Impact Assessments (DPIA)
  - Data Protection Officers
  - Management Responsibility
- Data security, international transfers and breaches
  - Security policy
  - International transfers
  - Breach notification