General Data Protection Regulation (GDPR)

April 9, 2018 | Mary Ryan | Newsletter

The deadline for GDPR compliance is now fast approaching (Friday 25th May 2018). The impact on a business will vary depending on its activities and on the nature and sensitivity of the data it holds. The GDPR relates to all data held (supplier, customer and employee) which can identify a ‘Natural Person’. The roles and responsibilities of a business under GDPR are determined by whether it functions as a data controller and/or as a data processor.

For guidance on whether your organisation needs to appoint a Data Protection Officer, and how to ensure that your DPO is adequately resourced for the role, see the Data Protection Commissioner’s Guidance on appropriate Qualifications for Data Protection Officers (GDPR).

GDPR replaces the Data Protection Directive, and is intended to strengthen data protection for all individuals within the EU by:

  • Reinforcement of Individuals’ Rights
  • Strengthening Obligations for Companies
  • Enforcement by Data Protection Authorities

The key requirements for business-to-business customers are to demonstrate that they have developed a plan to reach compliance and that they have taken steps towards achieving it.

The key steps for business-to-business customers are:

  • Awareness and training within the business, to ensure that everyone from the top down is aware of the requirements, implications and protocols.
  • Implementation of GDPR compliance through maintaining records of all processing activities.
  • Maintenance of GDPR compliance, to ensure that all records are current and that old and new records are dealt with appropriately.
  • Demonstration of GDPR compliance, which requires a clear reporting structure covering all aspects of the business's data collection, retention, processing and disposal activities.
  • Reporting of a data breach, which requires procedures to be put in place to effectively detect, report and investigate a personal data breach.

In establishing their GDPR compliance model, at a minimum, each organisation should include documentation under the following:

  • Personal Data Policy Framework
  • Inventory of Processing Activities
  • Managing Data Subject Rights
  • Data Subject Access Request Form

The Data Protection Commissioner has launched a GDPR-specific website, www.GDPRandYou.ie.
