Last year we exhibited at the Information & Records Management Society Conference. The hot topic was the forthcoming General Data Protection Regulation (GDPR) and how to ensure GDPR compliance.
A brief overview of GDPR (the new EU-wide data protection legislation that will replace the 1998 Data Protection Act) was outlined in this blog.
GDPR comes into force on 25th of May 2018.
Research has found that only 6% of respondents say they are fully prepared for GDPR. AIIM Europe have published a handy infographic. It is entitled “Our Collision Course with GDPR – Achieving Compliance Before It’s Too Late.”
The AIIM infographic outlines:
- Which policies and procedures need to be revised or created to achieve compliance with the GDPR.
- The hidden costs to achieving compliance.
- Best practices and recommendations.
Staying ahead of the new GDPR is a process that requires early and continuous action. GDPR requires privacy by design, and privacy requires control. Businesses need to have a strong grip over all their content activities in order to maintain compliance and minimise regulatory risk.
7 steps to GDPR compliance
1. Identify use of personal data and content to ensure lawfulness, fairness and also transparency.
2. Limit purpose and data minimisation by only collecting information for specified, explicit and legitimate purposes.
3. Connect data and content to get a unified view for better control, portability, and deletion.
4. Use metadata to ensure privacy-by-design and by default compliance.
5. Apply retention management to limit storage.
6. Use encryption at transit and at rest to ensure integrity and also confidentiality.
7. Use access control lists, permission management, and also audit trails to ensure compliance.
Finally, the GDPR Compliance 7 steps text and image are reproduced by kind permission of AIIM Europe. Also Our Collision Course with GDPR – Achieving Compliance Before It’s Too Late infographic (C) AIIM Europe
Also iStock image used by permission of Ricoh Europe PLC
Posted in Security
