Haven’t we had enough? It feels like there’s been an endless stream of GDPR offers lately. Courses and certificates, as well as attorneys and consultancies, which offer an array of services. Services that are then presented as absolute necessities to avoid enormous fines as of May 2018.
Of course, proper protection of our personal data is vital, and it’s important for companies to comply with the law, so perhaps this barrage of offers is justifiable. But then again, just how difficult can it be to comply with the EU’s new general data protection regulation?
Responsible Shortcuts
I’ve always been a fan of putting things into systems or software – or, even better, cloud solutions - and trying to simplify things as much as possible. I sometimes call this principle of simplifying “responsible shortcuts”. This is based on my belief that too many companies spend too much time trying to perfect their process before they even start. For most companies, it’s by far more beneficial to simply get a process started and then improve it along the way. These principles work really well for any 27001-based projects and, actually, information security in a wider sense. However, as citizens, we want our information protected as effectively as possible, and the term “shortcut” might make us hesitate. The question is then: can you take responsible shortcuts when it comes to personal data protection?
The answer is yes, with emphasis on the “responsible” part. These principles of responsible shortcuts and simply getting a process started are always useful because every time a company starts to improve the protection of the personal data they are responsible for, the safer we, citizens and companies, are.
GDPR Compliance Tool
Unlike many of our competitors, we’re offering you GDPR compliance software to help you become compliant with the EU General Data Protection Regulation. The software consists of:
- Great content and templates so you never have to start from scratch.
- Registration of Data Processing Activities
- Support of the Data Protection Impact Assessment (DPIA)
- Effective management of data breach notifications
- A dashboard that provides a clear overview of the key areas in your compliance
- Awareness module on personal data protection to train your employees
- Gap analysis so you can keep an overview of your status and compliance
- Integration with all other enabled compliance standards in the platform
- Cross-compliance mapping and overview so you don't have to work in silos
Read more about our GDPR compliance tool here.
As to answering my first question - How hard can it be? – The answer is: quiet. It can be a big task, complying with all the process demands in the regulation, but it will be significantly easier for you to comply with the EU GDPR if:
- You already comply with current personal data protection regulations.
- You currently have a compliance tool that is partly or entirely based on ISO 27001.
- Understand where the synergies and differences are between GDPR/ISO 27701 and ISO 27001/2.
We’ve written a guide with 7 steps that you can go through to gain a better understanding of what the EU General Data Protection Regulation actually entails, and how to prepare for it. Get yours here.
P.S. Of course, we know that the EU GDPR can be a bit of a mouthful. That’s why we offer consultation services from our experienced consultants, who specialise in this topic. They’ll make sure that you have both the tools and know-how to maintain compliance with the GDPR every day. Check out the Compliance as a Service page here.
