In May 2018, the EU’s General Data Protection Regulation (GDPR) will change data protection as we know it. At Aditro we are well prepared and will gladly share our knowledge with you. To start off, here’s a list of actions you can take to become compliant for the biggest overhaul in personal integrity legislation for decades.
- Collect information on what personal data your organization processes and for which purposes..
- Assess the applicable legal grounds for your processing.
- Do you currently apply the so-called abuse rule from the Swedish Personal Data Act (“PUL”)?
- Consider the technical possibilities and processes to manage the rights of data subjects.
- Review and update the information provided to data subjects and any consent forms.
- Consider a process for managing personal data breaches.
- Appoint a person responsible for data protection issues (consider whether you need to appoint a data protection officer).
- Process for data protection impact assessments.
- Internal training.
- Review data processing agreements with suppliers that process personal data on behalf of your organization.
NEED TO LEARN MORE?
Get in touch and let’s see if there is anything we can do for you.