April



CMS.DataEngine.CollectionPropertyWrapper`1[CMS.DataEngine.BaseInfo]
Profile Image Verifile
April 4, 2018
Blog Article Image

GDPR - How to Meet the Gold Standard for Data Privacy

How do you ensure that customer data is not only secure, but also that privacy is safeguarded across the spectrum of your organization? How do you make privacy not just part of the design of new services, but the default status of all customer information? How do you give customers access to, and control over, their data?

A new white paper is available to not only help confirm data privacy and control, but also improve security, while allowing organizations to tap into the opportunities that the GDPR brings as part of a smart data management strategy.

Read More
CMS.DataEngine.CollectionPropertyWrapper`1[CMS.DataEngine.BaseInfo]
Profile Image Verifile
April 4, 2018
Blog Article Image

Identifying Legal Grounds for Processing HR Data

Matthew Holman, Principal at EMW LAW, explains how under the GDPR, any company that extrapolates data will need to identify legal grounds for processing that data, specifically HR departments that often hold sensitive data.

Holman explains how the requirements for processing of sensitive personal data, relating to race, sex, disability, age, religion, belief and more, are issues that HR teams will need to be especially careful. He also addresses employee recruitment, noting that "If you post adverts and a candidate comes to you, then they are declaring an interest. However, if you want to communicate to someone or headhunt them, you need their consent first. It 's advisable to have a mechanism in place which makes it extremely clear to the consumer that they know exactly what they 're opting in to."

Read More
CMS.DataEngine.CollectionPropertyWrapper`1[CMS.DataEngine.BaseInfo]
Profile Image Verifile
April 4, 2018
Blog Article Image

Practical Tips for Consent under the GDPR

The EU General Data Protection Regulation is getting closer every day. For many privacy offices, this equates to an overwhelming workload and anxiety about where to begin and a view of the GDPR as nothing more than a list of projects to complete and items to check off in an effort to be compliant.

However, the GDPR is actually quite flexible, and compliance with its requirements is intended to be an ongoing exercise, rather than as a means to an end. It is a risk-based approach to privacy and data protection that is full of requirements for conducting analyses, balancing tests and assessments, and the overlap between these requirements often gets overlooked. As a result, the work done to address one article of the GDPR can be leveraged when addressing others. This is a proposal to simplify GDPR compliance efforts by combining and conquering.

OneTrust privacy mangement software offer practical tips to data controllers for meeting the GDPR 's consent requirements, and how to put consent management into practice.

They offer advice on identifying processing activities, assessing whether consent is the most appropriate legal basis, how to formulate consent requests, and how to ensure that consent requests are kept separate from other terms and conditions, specifically that technical and legal jargon is avoided, that the request is prominent and clearly visible to the data subject and is user-friendly, and more.

Read More