Data Management, Blockchain and GDPR Compliance


Too many businesses seem to be embracing Satchel Paige's famous admonition: "Don't look back, something might be gaining on you".

The General Data Protection Regulation (GDPR) is set to come into force in May, paving the way for improved privacy and security that can be enjoyed across the United Kingdom and the EU. These rules can be adjusted based on future data storage regulations, ensuring that companies are always compliant.

"It applies whether the data controller (an organisation that collects data from EU residents), the processor (an organization that processes data on behalf of a data controller, such as data centres) or the data subject (the person whose personal data has been collected) is based within or outside any EU member state, if they collect or process personal data of EU citizens and residents", he stated.

At most North American companies, the CIO drives data governance efforts, according to the erwin survey.

To help both pharma and suppliers ensure compliance, the company is implementing a process to address the General Data Protection Regulation (GDPR). Me Learning has teamed up with legal experts at Clayden Law to produce a range of easy-to-understand and legally compliant GDPR e-learning. You will have 72 hours before being required to notify the data protection authority and the media. Some companies will need to appoint a data protection officer. Forty-one percent have a staff member dedicated to data protection and GDPR compliance, while only 7% have completed their GDPR plan. All are familiar concepts in HR, but their enforcement has been significantly juiced.


All this means that if an HR organization's toolbox consists mostly of spreadsheets and Word documents, it's time to upgrade. "To make this even harder, also consider that many firms still find the interpretation of many GDPR requirements unclear today".

It's why vendors of human capital management (HCM) systems are promoting their multi-application, multi-featured HR tool suites as GDPR compliance solutions.

Currently, the United Kingdom relies on the Data Protection Act 1998, which was enacted following the 1995 EU Data Protection Directive, but this will be superseded by the new legislation. GDPR compliance isn't something to be brushed aside; it will be something that businesses of all sizes and status will need to follow. Farmers will have to keep personal data (for example, on employees) secure and up to date, and will also have to demonstrate compliance and delete files if requested.

So, for example, the GDPR would apply to protect the personal data processed by a company with a presence in the European Union that provides travel services to customers based in a European Union state. Hiring managers have been casting widely for data related to potential candidates, including on social media, which can get dicey in terms of consent. Also, if it has not already been done, data protection should be incorporated into the corporate risk management and internal control framework. GDPR permits nonmaterial damages such as loss to reputation and does not require the aggrieved subject to prove them, she said. GDPR compliance is certainly no small undertaking, and it will require a major shift for many companies, particularly for smaller organizations that may not have privacy programs in place. Given the importance of data to business operations, the fact that over a third of people are looking to exercise their right to be forgotten represents a real threat that cannot be ignored. "IT and HR used to be more siloed", says SAP's Lessley.

Since 2002, there have been numerous other state laws enacted in the United States, including the more recent one in IL, which has resulted in many lawsuits for non-compliance, but we in the United States still do not have federal legislation that brings it all together.