The General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679) came into effect on the 25th May 2018. It is a regulation which aims to give EU citizens back control and transparency over their personal data: how it is used, by whom and for what purpose. Businesses that do not comply are at risk of significant fines, reputational damage and losing customer trust. Under the accountability framework, businesses must be able to demonstrate that compliant processes are in place, and having the right technical solutions in place is a key part of that.
What personal data are we sending via email and over file transfer methods?
What is the sensitivity/risk category of that data?
Tip – Conduct an impact assessment if it is high risk.
Where are we sending this personal data to, is it within the EU and, if not, are standard contract clauses etc. in place?
How are we sharing this personal data with them and what security measures are in place, e.g. encryption, MFA, data minimisation, recipient verification etc.?
Who are we sending this personal data to?
Why are we sharing this personal data with them and under which lawful basis?