Becoming GDPR Compliant – Step 6 of 12

Posted · Add Comment

The European Union’s General Data Protection Regulation (GDPR) is now just six months away from becoming law and many global companies are not fully prepared for this major legislation.

In our 12-part blog series exploring the impact of the GDPR legislation on employment screening programs in the EU, HireRight’s Associate General Counsel in EMEA, Caroline Smith, addresses the key issues and concepts you need to understand to get you and your company’s employment screening program GDPR-Ready.

In Step 5 of our GDPR blog series, we talked about the importance of vendor management – specifically, how to ensure vendors properly handle the personal data entrusted to them.

Now it’s time to continue the journey with Step 6 on the road to GDPR compliance:

 “Crash Test Dummy – Why every prudent processor of data should use Privacy Impact Assessments (PIA)”
In Step 6, you will learn:
  1. What a PIA is
  2. When to carry out a PIA
  3. The key official guidance to read on PIAs and the GDPR
Click to read the full blog on our EMEA site

Did you miss a previous step? Read it here:

Step 1 – Candidate consent and information notices

Step 2 – Follow the Yellow Brick Road (a.k.a. Data Mapping)

Step 3 – Subject Access Requests

Step 4 – The Right for Data to be Erased

Step 5 – Vendor Management – through the GDPR Looking Glass…

Download: The 2017 Employment Screening Benchmark Report
The 10th Annual HireRight Employment Screening Benchmark Report

The most comprehensive global survey of its kind – providing 10 years of insight on industry best practices.

Get Your Copy Now!

Caroline Smith

Caroline is a UK qualified lawyer with over 17 years’ experience and currently serves as HireRight’s Associate General Counsel for the EMEA and APAC region. When not “lawyering” or writing blogs, Caroline can be found striking yoga poses in remote locations such as Mongolia and Bhutan.

More Posts

Follow Me:



The HireRight Blog is provided for informational purposes only. It is not intended to be comprehensive, and is not a substitute for and should not be construed as legal advice. HireRight does not warrant any statements in the HireRight Blog. Any statutes or laws cited herein should be read in their entirety. You should direct to your own experienced legal counsel questions involving your organization’s compliance with or interpretation or application of laws or regulations and any additional legal requirements that may apply.