Risk Management GDPR Services
Collect, process and manage personal data in compliance with the EU General Data Protection Regulation (GDPR) with help from SGS.
The EU GDPR replaces the Data Protection Directive 95/46/EC and is designed to standardise data privacy laws across Europe, to protect and empower all EU citizens’ data privacy and to reshape the way organisations across the region approach data protection and cyber security.
As a regulation, the GDPR will directly affect member states of the EU without the need for implementing legislation.
GDPR also sets new standards for B2C relationships. It is a complex regulation that may require significant change in how you collect, process and manage data from people all over the world. Considering the significant legal responsibilities, it may take time to bring current data processes in line with GDPR. There’s no time to wait.
Steps you need to take
Organisations must implement the guidelines outlined in the GDPR, including defining who is accountable for privacy and security, and how data flows across national boundaries. Any personal data stored by an organisation must be protected to prevent any unlawful forms of processing. Additionally, if a data breach is discovered, the authorities must be notified within 72 hours.
Other GDPR requirements include:
- Record keeping
- Transparent policies
- Consent management
- Privacy impact assessments
Prevention is the best defence against data breaches. By using the correct organisational and security measures, your company will be able to reduce any possible risk and protect personal data.
SGS GDPR services
To help you meet the requirements of the GDPR, we deliver solutions for small and medium enterprises (SMEs) that help you achieve and demonstrate compliance.
GDPRonline is a simple readiness assessment to help measure current alignment to GDPR, set action plans and measure progress. It allows for a centralised data inventory to help list and record personal data processing and a notification system to help manage individual rights requests and data breach reports.
Achieve full GDPR compliance with SGS’s global expertise and experience. Contact us to learn more.
GDPR compliance in the UK and Brexit
The UK Government has confirmed its intention to bring the EU General Data Protection Regulation (GDPR) into UK law after Brexit, ensuring continuity and data security.
GDPR replaces the Data Protection Directive 95/46/EC and will give individuals across Europe more control over how their personal data is collected and processed. The Regulation will impact how organisations store and use personal data for all business activities from employee payroll and customer invoices to marketing campaigns – effectively making organisations accountable for data protection.