Most of us know that regulations and legislation have a big influence on data management. In the article awareness of data legislation I already talked about this subject form a helicopter point of view. Now it is time to take a closer look into this world of regulations. This time we talk about the regulations set by the European Committee. I selected six items which your company should take in consideration and prepare before the activation of this agreement in 2018.
Don’t be sloppy
Reason number one why companies lose valuable data is the mistakes people make. Leaving an USB in the taxi or a paper trail in a normal dumpster has often started a scandal about privacy. Awareness and sloppiness are real human errors and do your best to make them aware of the risks and value the carry with the data they handle.
Be transparent towards your customer about the collection of the data. If you tell your customer what you are collecting and for what reason they will conclude that you are a trustworthy company to work with.
Learn about GDPR
Are the general data protection regulations not yet known to you? It is time to change this. You should learn about the do’s and don’ts and involve your security officer to come up with a strategy. Whenever the knowledge is not available inside your company go search for it on the outside.
This is an “open door” statement but mismanaged by many. Your password policy should be taken very seriously by everybody in your company. Sharing is out of the question and a mandatory renewal should be in place. Only this way privacy can be protected and authorizations maintained.
Collect & Protect
Whatever you collect, you also have to protect! Better too much protection in place in line with the privacy regulations the less protection in place. When you do not know in which category a particular set of data belongs, protect it with the most heavy regulations. Afterwards the damage can be enormous with too less protection
Use encryption methods to protect your data. You will do this with two reasons in mind. First of all it is the best way to protect data and second your company shows that you have done absolutely everything. Everything in your power to protect your data and the privacy rights of your customers.
This are just six examples of real awareness about data protection. This way you can try to live up to the standards of the European Committee. The GDPR is here to protect the rights of people. Data is powerful as we all know what happens when it falls into the wrong hands. I have no opinion about the regulations itself. Only an advice: Be responsible.