Are you worried about the GDPR? We are not!

AVGGDPR
Written by DBHeroes

After a long lead time, the General Data Protection Regulation (GDPR) will be enforced from 25 May 2018. Many organisations are looking forward to the new situation with fear and trepidation. The cause of the unrest is the sales pitches that companies and institutions are bombarded with. Stories about sky-high fines and the suggestion that the Personal Data Authority (AP) will intervene directly and hard.

To reassure everyone, these rumours are not true. First of all, the fines are a last resort, an emergency measure for the very worst cases. The AP first wants to force organizations into action with other, softer measures. Secondly, do you really believe that the AP will be knocking on your organisation's door on 25 May to demand the processing registers? That a mass claim will suddenly be filed against your organization? Then take a deep breath, it won't be that fast.

Rather, the enforcement of the GDPR sets in motion a gradual change, we at DBHeroes believe. It starts with increasing awareness - individuals will discover what their rights are and how they can exercise them. In addition, case law will make it increasingly clear what is and is not allowed. It is also highly likely that certifications will be issued forcing organisations to at least deal with the GDPR. Moreover, the expectations of customers, users and consumers will increase. They will increasingly demand that organizations handle their personal data with care.

Don't get us wrong: the GDPR should certainly be taken seriously by organizations, this article is by no means a call for frivolity. We do not believe in the assertion that an organisation will meet the requirements of the GDPR by purchasing a single tool. Or that "if the documents are in order", everything will be fine.

 

Human action

So what do we at DBHeroes stand for? For this we must first go back to the basics of the GDPR. The main purpose of the regulation is for organisations to be more aware of how they handle their data. Companies and institutions must know what they do with their data, how they do it and who has access to it. In times of digitalisation, human activity still plays a crucial role in almost all data aspects. This is also evident from a recent article by the AP. That body reported that almost half of the data leaks in 2017 were caused by the incorrect handing or sending of data.

The GDPR forces organizations, among other things, to gain more control over human actions and thus their data. The article 'GDPR: for me too? (link) discusses the steps to be taken in order to comply with the GDPR.

 

Data Governance

One of those steps is setting up a Data Governance structure. By implementing such a structure, an organization records down to the smallest detail what data it has and what the data processes look like. Moreover, someone is designated as being responsible for the data. By working carefully, everyone in the organization knows what information is stored (and for how long), where they can find it and what happens to it. That sounds like... Indeed, the basis of the GDPR.

The full article can be read here.

For questions or advice please contact Lotte van Lith.

lotte.vanlith@dbheroes.eu
telephone 088 888 6060.

You can also reach DBHeroes via the contact form.

[ back ]

DBHeroes
Previous

Save time and money with good data
Next

You guys are interesting.