Six Steps Towards GDPR (and Other Data Protection) Compliance

This is my third blog post on the European Union’s General Data Protection Regulation (GDPR). For basic information about GDPR and why U.S. businesses need to watch out for GDPR, see my first blog post in the series. To see what GDPR says about information security requirements, see my second post.

What is the first thing your business should do in taking steps towards GDPR compliance? The short answer is that you should assess your current privacy and security program. More specifically, you will need to understand your organization, its business context, its culture, and the types of personal data it processes. You will need to understand in detail what kinds of personal data the business is collecting and receiving, how it uses personal data, its practices in sharing and transmitting personal data, its retention of personal data, and its disposal of personal data. Your business should understand its entire personal data lifecycle and where personal data flow…
