The new General Data Protection Regulation - are you ready?

January — 2017


Can your organisation live up to the extended rules for data protection?

Becoming effective from the 25th of May 2018, the EU General Data Protection Regulation (GDPR) makes the current requirements regarding personal data more rigorous. In this article, you can read a bit about the new requirements and rights that the regulation introduces, what it will mean for you and your company and how you ensure a smooth transition.


Why is Data Protection compliance important to you?

The GDPR affects all companies handling personal data, no matter if they are data controllers or data processors. The regulation extends the protection of sensitive personal data and is a legislation that scrutinizes Europe’s fundamental data protection act in a time where information systems and digital trade is an increasingly big part of our existence.

The regulation has an impact on you as a company because it now can become extremely expensive to infringe the rules or close your eyes to whether your way of handling personal data is safe. If you breach the rules, it can in the future generate fines up to 20 million euro or 4% of your annual revenue; whichever amount is higher. In addition, you risk being imposed to other negative consequences such as claims for compensation, a damaged reputation and severe breaches of the confidence between you and your customers.


What does the regulation mean to you specifically?

In the future, you need to be able to prove to authorities that you have procedures in place which gives you a survey of and makes you able to process personal data, and you need to be able to prove that you are not collecting and storing information for longer than necessary. The new EU regulation also extends your protection obligations. For instance, this means that when developing new products and business methods, you must always consider data protection and the new rules about consent.

The GDPR will have positive implications for all of us, as it gives the data subject increased control over his or her data and an increased safety when handing over personal data. However, the new rights imposed by the regulation – such as the right to be forgotten and prohibition against automatic profiling – will also have consequences for the demands aimed at your organisation. For example, you will need to be ready to handle requests about getting personal data handed over or to delete all identifiable personal data.

MOCH can help you get a good start with the General Data Protection Regulation

As we all know, it takes time to implement new procedures and specially to ensure that all employees in the company know of the new regulation and can handle personal data correctly. To ensure you have time to become compliant with the new rules before the GDPR becomes effective, you should already start implementing educational initiatives that can help you process personal information in accordance with the new rules.  

MOCH has valuable experience helping all manner of companies to become familiar with extensive and complicated legislative matters – for example regarding the Personal Data Protection Act, the Public Administration Act and the Open Administration Act. And soon, the General Data Protection Regulation as well!

With MOCH’s e-learning course in the General Data Protection Act, we can help you get all employees onboard, so that you can live up to the comprehensive code of practice of the regulation.
Does this sound interesting? Could it be of use to you? Then contact us to hear more about our upcoming standard course in the EU General Data Protection Regulation.

Interested to see how MOCH has developed a GDPR-solution for TDC? Click here.