publication of the International Legal Technology Association
Issue link: https://epubs.iltanet.org/i/817020
32 WWW.ILTANET.ORG | ILTA WHITE PAPER MARKETING AND BUSINESS DEVELOPMENT A Worldwide Law: The EU, the GDPR and You loss of confidentiality of information. The result of all this could be an increase in global notifications of data breaches. How To Address These Changes The GDPR will affect all of us, so we need to take action toward compliance. As a general rule, personal data protected under the DPD will be protected under the GDPR. Consider all of the additional data that will now fall under the definition of personal data. Start by assessing how much personal data your organization collects or processes, and implement measures to keep the data locked down. For data breaches, it might be appropriate to start conducting impact assessments to see how likely a breach is or how much risk is involved in controlling and processing personal data. For organizations just geing started, it would be wise to start off with the "privacy by design" concept and go from there. If you are an organization that markets a lot of goods or services in the EU, you will have to comply with the GDPR. From now until May of 2018, your priority should be doing what you can to be in compliance. ILTA DAN ANDERSON Dan Anderson, CEO of SeeUnity, has nearly 20 years of experience selling enterprise software applications, including enterprise content management, business process management and enterprise content integration. Prior to joining SeeUnity, Dan was the director of business development for WindFire Technology. Through Dan's leadership, WindFire was positioned as an early leader in the emerging enterprise content integration market. He has also worked for Hummingbird and PCDOCS. Contact Dan at dan.anderson@seeunity.com. Start Here End Here Conduct an impact assessment If you're a business not located in the EU, determine if you're liable under the GDPR Discard personal data no longer being used Ensure you have a plan in place Determine how you will handle collecting consent 2 Identify whether you are a data processor or a data controller 6 Outline how you will design your privacy protocols 8 10 12 Decide how you will handle requests 4 Broaden your definition of personal data 1 Ensure you have proper protocols in place 5 Update and simplify user agreements 3 Determine if you need to appoint a data protection officer 7 9 11 Your Road Map To Preparing for the GDPR Here is a road map to follow prior to the implementation of the GDPR in May 2018.