Thought of the Day: Is the GDPR a box ticking exercise?

February 09 15:32 2018 Print This Article

When it comes to following rules and regulations, it could be easy to think that companies can simply find a list of things to complete and check them off. However, there’s more to it than that for the General Data Protection Regulation.

First of all, there is no ‘one size fits all’ solution that will apply to all companies. Companies will need to assess their own situation and how the GDPR applies to their data processes. They will then need to find a tailored solution to make sure they are compliant. Additionally, data protection at the company will need to be continuously monitored to make sure the solutions are adequate and to assess any new processes that could present a risk. Finally, if a company should be reviewed by a supervisory authority, they will need to show that data protection is a consideration by design and default, and be able to justify their current data protection systems. Saying ‘I ticked all the boxes when the GDPR became enforceable’ won’t be enough. Companies must be able to show that data protection is an ongoing and continuously ‘current’ process.

  Article "tagged" as:
view more articles

About Article Author

GDPR Associates
GDPR Associates

View More Articles
write a comment


No Comments Yet!

You can be the one to start a conversation.

Add a Comment