GDPR COMES INTO FORCE ON 25 MAY 2018
This is Step 4 in our series of posts to help you get ready for GDPR. Missed Steps 1, 2 & 3? You can view them here.
The 25th of May is not very far away now. If you follow the practical steps in our series of emails, you should be getting into good shape but, if you need someone by your side to get you over the line, we are here to help.
STEP 4 – INDIVIDUALS’ RIGHTS
You should check your procedures to ensure they cover all the rights individuals have, including how you would delete personal data or provide data electronically and in a commonly used format.
The GDPR includes the following rights for individuals:
- the right to be informed;
- the right of access;
- the right to rectification;
- the right to erasure;
- the right to restrict processing;
- the right to data portability;
- the right to object; and
- the right not to be subject to automated decision-making including profiling.
The rights individuals will enjoy under the GDPR are similar those under the DPA but with some significant enhancements. If you are geared up to give individuals their rights now, then the transition to the GDPR should be relatively easy. This is a good time to check your procedures and to work out how you would react if someone asks to have their personal data deleted, for example. Would your systems help you to locate and delete the data? Who will make the decisions about deletion?
The right to data portability is new. It only applies:
- to personal data an individual has provided to a controller;
- where the processing is based on the individual’s consent or for the performance of a contract; and
- when processing is carried out by automated means.
You should consider whether you need to revise your procedures and make any changes. You will need to provide the personal data in a structured commonly used and machine readable form and provide the
information free of charge.
We are here to help
Qubic can work alongside you to help you meet the conditions laid out by the Information Commissioner’s Office for compliance with the new legislation. We have a team with expert knowledge, experience and technology to help your organisation be ready for GDPR on 25 May – but that’s not very far away now.
You can’t afford to wait any longer – contact Qubic today on 020 8601 7000 and we can help you work towards compliance. Even the longest journey starts with the first step…