Conduct an internal audit of your data process
Before taking actions, you need a clear picture of all the process in place in your organization. You have to list them all, including the type of personal data concerned, the department and people who handle, process, store, access those data. The first step is therefore to analyse you current data security situation.
Efficy’s Solution : the GDPRank
Efficy will soon enable you to analyse, online and for free, your current situation. You will know to which degree your company is at risk concerning the GDPR compliance. By answering a few questions, the GDPRank will give you a better picture of the measures you need to take to be fully prepared by May 2018. The GDPRank will soon be available here.
This step is crucial when it comes to GDPR compliance. At this stage, you need to come back to your audit and take an analytical look. The idea is to reduce damage some data process could cause. You need to identify the risks of each of your data process and take actions to reduce the former.
Once you have come up with internal risk management process, make sure you document them all to protect your organization in case of control by dedicated authorities.
Data Privacy Impact Assessment
In the coming months, Efficy will put into place its Data Privacy Impact Assessment service. It has to do with a consulting service provided by an expert in data protection. This expert will conduct an internal audit of your data process and make appropriate recommendations that will help your organization take the right decisions. The complete description of the service will soon be available here.
Finally, Efficy will also allow its customers to share what we call a Shared DPO (data protection officer), that is a consultant who will help your company from a technical point of view. You do not need a full-time DPO, this is why this shared consultant will bring flexibility, control and security to your company when it mostly needs it. The description of the service will soon be available here.
Stored data need to be checked regularly to ensure their up-to-date status. If those data are no longer used, data suppression process must be implemented..
Efficy’s solution: Data Cleansing Service
A data cleansing subscription will soon be ready for clients willing to delete, archive all your inactive, old-dated data. In that way, you guarantee data cleanliness and avoid any data breach. Discover, soon, this added-value service here.
Give access to data
In accordance with the GDPR, measures shall be taken to allow data subjects to access their personal data in order to edit, modify or even delete them.
Efficy’s solution: GDPR Direct Data Access (DDA)
Thanks a secured data access, people subejcted to the GDPR will be allowed to gain access to their personal data in order to edit, modify or delete their data or preferences. More information about this module will shortly be issued here.