GDPR - The Beginning
With the GDPR ‘evolution’ now only 6 months away our team are now attending various conferences to gain as much information and knowledge for all areas that GDPR will cover.
Our Head of Screening Services has given an insight below from a conference last week:
‘GDPR appears to be significantly centered on the data subject and what information is held, what form & where; to make sure that it is safe and is justifiably held.
Data cannot be held for the ‘just in case’ or ‘maybe we will need it in future’
Understanding what personal data can relate to is key; Under GDPR it states –
‘any information relating to an identified or identifiable natural person, who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, identification number, location data, online identifier or one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.’
'Compared to the Data Protection Act 1998 this is more in depth and appears to relate to a large amount of information that is now classed as personal data; I was surprised to learn that using a person’s initials in an email would relate to personal data as the data subject can be identified from this.’
The ICO has released a self assessment questionnaire for companies getting ready for GDPR; click on the link below for this useful tool:
We’ll be sharing our thoughts on GDPR as we learn more and more over the coming months - sign up to our newsletter to see our new blogs straight away.