Even though GDPR is now launched and businesses must comply, there’s no denying that many businesses simply are not ready for it, or unwilling to comply and trying not to – this is a mistake, considering the huge fines that your business, if it has EU citizens, will be liable for.
One of the best things to do is follow a simple checklist and see exactly where you’re failing. This gives you an overview of exactly what you need to do to protect your business, as well as showing you where you could make significant improvements.
This is the most important update to data protection in two decades – and you must be able to show the EU that you are complying and committed to the project, otherwise a hefty fine that you likely cannot afford will come to you eventually. Without further ado, here is the checklist:
• Ensure that you are working to implement GDPR
• Collaborate with an IT department to audit and prepare
• Analyze your resources and budget when meeting compliance
• Audit how you are storing data, and where you are failing
• Communicate with your users so they understand what is happening
• Assign the role of DPO if you are bigger than a SMB
• Look at how you store your data, and what data you have
• Decide your identity and access to data, and how to handle access requests
• Draft a data usage and handling policy for your users
• Draft a consent policy for your users
• Look into proactive security measures with your IT department
This is by no means a thorough checklist, but following it will put you on the right path to compliance: this new law is difficult, but better for all of us in the long run: after all, it ushers in a new era where OUR data is safe. Good luck!