London, UK, 27 Oct 2017 – We’re now only 10 weeks away from 2018, the year of the EU GDPR (EU General Data Protection Regulation). To help you along the way, each Friday, Sapphire will publish a recommendation or action you can take to ensure that the information security and data protection element of your business is on the right track to meet the May 2018 deadline.
Week 1: Discovery
Discover and understand the amount of data your business holds and make an estimate of your liability. Define for each data stream (process) whether the organisation is a Data Controller, Data Processor or Joint Controller:
- Apply retention records.
- Assign an archivist to enable good record management.
- Remove as much unstructured personal data from the company as possible e.g. personal data within email; personal files and that stored on local C: Drives