
Gaps in complying with GDPR

Guest user. Created: Mar 09, 2021. Last commented: Mar 10, 2021.

We are a US-based Disabled Veteran Owned Small Business and recently picked up a chance to provide our services to a UK company. Our primary questions are:
1) We only keep employee name and employee email, and vendor name and email and IP address for same. Currently, we do not encrypt any of that data but only use it within our software.
2) We use Rackspace's standard security setup for our servers and biometric physical access.

Where are the gaps?


Expert
Alessandra Nisticò Mar 10, 2021

From January 2021 the UK is no longer part of the EU, so you should comply with the UK GDPR instead of the EU GDPR if you are planning to offer services in the UK. Luckily, the UK GDPR is mirror legislation of the EU GDPR, so the regulation is pretty identical. One gap is encryption, which is considered a common technical security measure; then you should inform the data subject and keep a register of processing activities, just to mention essential activities.

Here you can find more information on how to start implementing GDPR in your business:

If you want to learn how personal data are processed under the EU GDPR you may consider enrolling in our free training EU GDPR Foundations course: https://advisera.com/training/eu-gdpr-foundations-course//
