The procrastinator’s guide to GDPR
GDPR is not a new word now; it has been around since last year. Everyone is talking about it, often negatively, and people are curious, furious and anxious. There is no need to panic. Keep it simple: keep following the rules and you will be fine. Those who are in procrastinator mode and need more comfort can contact me and read further.
I got some good resources which explain it, and I have the same advice for everyone else.
It is very important that you appoint a DPO as early as possible, and educational training for your staff is vital. It is a no-brainer. I have seen many living in the world of Excel; there is nothing wrong with that, but when you are handling bulk data, make sure you keep it protected.
In my eyes, why do you need such a bulk report on customer data? To analyse what? And precisely what? When you handle your data in Excel, a text file or anything else that is less secure, it is highly vulnerable to a breach, and that could be prevented easily if staff have been trained to be vigilant, not to be lazy about sharing common files across the internet without password protection, and to dispose of them correctly. And I am telling you that these kinds of breaches are hard to detect and easily overlooked.
A few hard questions to think about
Let me ask you: does your site or application allow you to browse all customer records and save them to an Excel file? If the answer is yes, then you need to ask yourself: does your business really need that functionality and storage in an Excel file? Can your business afford to risk GDPR compliance and fines for breaches? How well can it cope without a bulk copy of that data?
I think the above questions will help you to be aware and make a conscious choice. It is always better to think ahead and keep your enterprise's integrity intact.
In summary
- Conduct a data inventory
- Minimize data processing
- Undertake a risk assessment
- Protect data through security controls
- Determine if a Data Protection Officer is required
- Provide education – Training for staff
- Document a plan for the future
Reference link: https://www.pluralsight.com/resource-center/guides/gdpr-guide