Clearview National March 2018 - Issue 196 - Page 21

INDUSTRYNEWS 3. AUDIT THE INFORMATION YOU HAVE 5. SECURITY, SECURITY, SECURITY One of the easiest ways to begin complying with the GDPR is to perform an audit of all the information you currently hold, and search for any personally identifiable information that may exist across your organization. Move what you want to keep to a central repository and delete the rest. Companies must store any data they collect via internal systems in a secure platform, so assess your current cybersecurity measures, make sure basic security procedures such as encryption and password protection are in place and then promote best security practices amongst members of your organization. 4. MAKE SUBJECT ACCESS INFORMATION EASY TO FIND 6. IMPLEMENT ACCOUNTABLE RECORDS MANAGEMENT As of May 2018, consumers will have the right to demand a ‘subject access request,’ in which companies must be able to provide them with a file containing all the information you hold on them. To be compliant, you will need to confidently collect data from all your systems about a specific customer, which may involve collecting data from multiple systems, so have the technology and processes in place to do so. Personal customer information that your staff receives must be recorded centrally, have permissions and metadata tags applied and be destroyed when no longer required. Don’t keep paper records, and implement strict, automated processes about how long you hold onto this information and when it’s no longer needed. 7. HONOUR CUSTOMERS’ RIGHT TO BE FORGOTTEN The GDPR will allow consumers to demand that an organization deletes any data they hold on them. To honor this, be sure that all personal information is moved to this central environment so it can be easily and thoroughly removed. Improved data management and information governance is good for everyone, but it’s becoming critical for GDPR compliance, and organizations that don’t get on board will end up paying both financially and legally. These seven steps will have you well on your way to revamping how your organization stores data and make for a more secure and organized business environment. Article originally appeared in HelpNet Security. https://www.helpnetsecurity. com/2018/02/05/gdpr-ready-organization/ C L E A RV I E W-U K . C O M » M AR 2018 » 21