
GDPR – what each department should be asking themselves now

  • 2 November 2017
  • Author: Liam Phelan

GDPR, the questions each department should be asking themselves now.

Part of the preparation for the General Data Protection Regulation (GDPR) includes identifying who is responsible for what. As expected with a new regulation, there are many questions and points of uncertainty. In this article, based on the GDPR coalition content, we briefly explain the main departments affected by the GDPR and advise on what each department should be asking itself right now.

Human Resources

HR departments will have lots of work to do soon. Starting with employment contracts – what personal data and sensitive personal data do you collect? Have you documented why you need to capture the information? Do you obtain consent and explain how it will be processed? Are your policies, forms and awareness training updated with the new personal data categories?

Legal Department

Do you know how you will deal with a request for provision of personal data? Is your process documented? Is any of it automated? Do you know the new response timescale? Do you publish your data retention policies?

Marketing

When you capture consent (e.g. tick boxes) for use of personal data, do you clearly explain why you need to have it and how it will be processed? If not, you should be working on it right now. Did you know the consent needs to be explicit and the individual giving consent needs to be fully informed?

Finance

GDPR has a wide-ranging effect on many business departments, including Finance. GDPR also applies to online identifiers (e.g. SEPA) and ID numbers (e.g. employee IDs). Have you reviewed your processes to ensure these are managed securely? Have you reviewed the potential GDPR penalties and have you taken account of these in any risk planning?

IT

It is important for the IT department to know which systems hold personal data, including the new special categories of personal data. Can you find that data in the event of a request from a data subject, and can you delete it? Is it stored securely, whether that’s in your office or in the cloud? Can you identify a security breach, e.g. a hack, and assess its impact on personal data? Have you established a process for notifying that breach within 72 hours?

Procurement

You are responsible for all the data involved in your company, even data that is held by your sub-contractors. Where a sub-contractor is processing data on your behalf and you are the data controller, have you ensured that the processor has provided sufficient guarantees, in terms of expert knowledge, reliability and resources, to implement technical and organisational measures which will meet the requirements of the GDPR?


Be Prepared

In 7 months the GDPR will be implemented! Now is the time to invest in training for your staff and help guarantee compliance. At New Horizons Ireland, we provide GDPR courses to prepare you and your company for this moment.

GDPR Certifications

Certified Information Privacy Professional


The “what” of privacy, and why you need it.

  • Legal
  • Compliance
  • Information Management
  • Data Governance
  • Human Resources

Duration: 2 days

Includes:

  • Exam
  • IAPP membership
  • Official training



Certified Information Privacy Manager


The “how” of privacy operations, and why you need it.

  • Risk Management
  • Privacy Operations
  • Accountability
  • Audit
  • Privacy Analytics

Duration: 2 days

Includes:

  • Exam
  • IAPP membership
  • Official training
 


Certified Information Privacy Technologist


The “how” of privacy and technology, and why you need it.

  • Information Technology
  • Information Security
  • Software Engineering
  • Privacy by Design 

Duration: 2 days

Includes:

  • Exam
  • IAPP membership
  • Official training
 


Other Popular GDPR courses

The GDPR Primer for Data Protection Officers
2 Days

  • The social, historical and legal background leading to the general data protection regulation (GDPR)
  • Principle one: the criteria governing fair, open and transparent processing of personal data
  • The role of the data protection officer (DPO)
  • The remedies, liabilities and penalties available under the GDPR
  • Provisions for specific processing situations
  • Preparing for implementation of the GDPR
 



Watch our webinar

GDPR, IAPP Training and Certification: What you haven’t heard, and why you need to hear it before May 25th 2018

Available: Now

PRESENTER:  Paul Jordan, Managing Director, Europe - IAPP

Most know that GDPR is taking effect on May 25th 2018, which requires organizations to prepare technology, processes and people towards gaining compliance. Due to this EU regulation there has been a recent surge of training solutions that have become available in the marketplace. Unfortunately, many make claims that their training will make your organization GDPR compliant, which is not possible. To help decipher how to best prepare your organization for GDPR compliance, we have enlisted the help of the world’s largest data privacy certification and membership organization, the International Association of Privacy Professionals (IAPP). Paul Jordan, Managing Director – Europe IAPP, will provide clarity on why privacy and security sit on opposite sides of the front door to an organization, and how GDPR will impact organizations, people, technology and processes all over the world. Mr. Jordan will also explain how IAPP’s ISO certified training, certifications and membership set themselves apart from other solutions. Do not miss this exceptional opportunity to hear the latest from Mr. Jordan while having the opportunity to ask questions about how best to prepare your organization for GDPR and longer term data privacy needs.


