Is Your Company Ready for GDPR? — Cartus Releases Survey Report
Posted by: Pam Uhl, VP & Associate General Counsel
The European Union’s new General Data Protection Regulation (GDPR) is a large, and very important, piece of legislation, and it is right around the corner! Is your company ready for GDPR?
Cartus is well positioned to meet and exceed the privacy, security, and compliance requirements of our clients. We see GDPR as another positive “step change” to reassess our privacy processes and enhance our data protection measures.
What Does GDPR Mean to You and Your Employees?
For Data Subjects (Employees)
Access and information: A data subject can obtain a copy of their personal data from the controller and can obtain info on how it was processed.
Right to be forgotten: Data subjects can insist that their data may be deleted when no longer needed.
Right of portability: In certain circumstances, the data subject can insist their data be moved from one controller to a new one.
For Controllers (You, the employer)
There are a number of steps companies must take, including:
- Every company must determine whether it needs to have an appointed Data Protection Officer who will be responsible for all these activities
- Perform Data Privacy Impact Assessments whenever processing is “likely to result in high risk to rights and freedoms of natural persons”
- Notify data subject and authorities of data breaches within 72 hours of becoming aware unless they are “unlikely to result in risks to the rights and freedoms of natural persons”
- Vet and contract appropriately with processors and insist that processors do so with their subprocessors
- Perform Data Mapping to identify where you are storing personal data
As part of our readiness project for GDPR, we conducted a short pulse survey to find out how companies are prioritizing GDPR, what challenges they are facing, and what they are doing to ready themselves for when the regulation takes effect. Download our pulse survey report, Is Your Company Ready for GDPR?, to find out what your peers are saying, and doing, about GPDR.
Among the key findings of the pulse survey report, you’ll learn:
- How companies are prioritizing GDPR
- How prepared your peers are for GDPR
- What steps organizations have taken to understand processing of personal data
- The strategies, if any, companies have in place with suppliers
- The challenges companies are facing to prepare for GDPR
Read our pulse survey report for more information.
If you would like more information on GDPR and how it impacts your organization and employees, or to discuss the GDPR pulse survey findings, contact your Cartus representative, or email us at firstname.lastname@example.org.