The whole point of GDPR is to give people, like you and me, more control over our data. GDPR applies to everyone, not the select few. It is applicable to any data that can be used to identify an individual. This ranges from genetic data to social data.
It doesn’t apply to my small business, there are less than 10 staff members …
Incorrect. The size of your business does not matter, but what does matter is how your data is handled. Many organisations will need to appoint a Data Protection Officer (DPO) to ensure that data handling and processes conform to the law.
As well as this, data controllers will need to carry out mandatory Privacy Impact Assessments (PIAs) where chance of security breaches are high. This will minimise risks to data subjects – much like a risk assessment.
Here are 9 basic points about GDPR that you need to know.
- TermSet ScanR automatically scans, identifies and retrieves all personal information in all documents stored within multiple systems.
- ScanR delivers an interactive dashboard to score the level of risk/ exposure for identifiable personal information and subject access requests.
- Sensitive documents can be identified and workflows can be initiated for routing, classification, governance and quarantine purposes.