You’re already aware of the repercussions of not abiding by the General Data Protection Regulation (GDPR), but do you know how to begin preparing? Cornerstone Business Solutions is here to help you throughout your compliance journey.
We will help you navigate the three A’s!
Awareness
A crucial aspect of success with GDPR is educating your employees. This is a regulation that will impact not only the IT department, but every aspect of the business, including marketing, operations, human resources, and sales. Each member of the company should be aware of the regulations and how they will impact daily operations.
Alignment
GDPR is about respecting data and the way people want their data to be treated. Simply put, the way data is collected and stored must be aligned with the customer’s expectations. Approval from the individual must be collected and kept in a transparent manner with no room for confusion. The customer must be aware and in control of their consent, understand how the data is going to be used, and know how long it will be stored.
Audits
It may sound overwhelming, but a full business audit and data review will be necessary to truly prepare for GDPR. If you’re like most business owners, you don’t have enough time in the day to keep operations running, take on new clients, and run an internal audit on your own. That is where we come in to help. Cornerstone Business Solutions has the knowledge and experience necessary to manage and execute a comprehensive audit for you.
You may be thinking, “How can Cornerstone Business Solutions possibly complete this detailed work before May 25, 2018?” Our powerful tool, Audit Guru for GDPR, provides the intelligence necessary to perform a comprehensive scan of your network, create in-depth reports, and manage remediation efforts to ensure no detail is overlooked. The tool includes the custom portal built for your business, which stores a record of all compliance scans and remediation efforts you will need in the event of an audit. We look forward to working with you on this journey to GDPR compliance.
Lawfulness, fairness, and transparency call for clear, upfront, and honest communication with subjects before and during the processing of data.
Purpose limitation restricts the use of data to the purpose authorised by the subject.
Data minimisation requires that only the minimum amount of data needed for the authorised purpose be stored.
Accuracy is of utmost importance, as data must be “accurate and, where necessary, kept up to date.”
Storage limitation means data should be kept in a form which permits data subjects to be identified for no longer than necessary.
Accountability falls on the company controller, who must be responsible for and able to demonstrate GDPR compliance.
Integrity and confidentiality require data processors to handle data “in a manner [ensuring] appropriate security of the personal data including protection against unlawful processing or accidental loss, destruction or damage.”