Becoming GDPR Compliant – Step 7 of 12

Posted · Add Comment

The European Union’s General Data Protection Regulation (GDPR) is less than six months away from becoming law. In our 12-part blog series exploring the impact of the GDPR legislation on employment screening programs in the EU, HireRight’s Associate General Counsel in EMEA, Caroline Smith, addresses key issues and concepts to get your employment screening program GDPR-Ready.

The GDPR introduces a duty on organizations to report certain data breaches to their supervisory authority (Article 33) and, in some cases, to individuals (Article 34). The GDPR now makes it mandatory for all data controllers to notify the supervisory authority unless a breach is unlikely to result in a risk to the rights and freedoms of individuals. Data processors also have an important role to play, and they must notify their controller of any breach.

This is the latest topic to be tackled by the Article 29 Working Party, who issued their guidelines on data breach notification for consultation. The consultation period will run for 6 weeks from 17 October 2017.  Read the Article 29 Working Party guidelines.

In Step 6 of our GDPR blog series, we talked about why every prudent data processor should use Privacy Impact Assessments (PIA).

Now it’s time to continue the journey with Step 7 on the road to GDPR compliance:

“Once more unto the breach…” Why galvanizing your troops to deal with a data breach is a key part to compliance with the GDPR”
In Step 7, you will learn:
  1. What is a data breach?
  2. What types of breach require notification?
  3. Who has to notify and in what time period?
  4. How to rally the troops – can your data processor support your data breach notification efforts?
Click to read the full blog on our EMEA site

*Did you miss Step 6? Read it here.

Caroline Smith

Caroline is a UK qualified lawyer with over 17 years’ experience and currently serves as HireRight’s Associate General Counsel for the EMEA and APAC region. When not “lawyering” or writing blogs, Caroline can be found striking yoga poses in remote locations such as Mongolia and Bhutan.

More Posts

Follow Me:
LinkedIn

Comments

comments


The HireRight Blog is provided for informational purposes only. It is not intended to be comprehensive, and is not a substitute for and should not be construed as legal advice. HireRight does not warrant any statements in the HireRight Blog. Any statutes or laws cited herein should be read in their entirety. You should direct to your own experienced legal counsel questions involving your organization’s compliance with or interpretation or application of laws or regulations and any additional legal requirements that may apply.