
6/21/2017 by SpearIT editor

Proximus SpearIT has confirmed its VMware Professional Solution Provider partnership.


A practical GDPR approach

Have you already followed a GDPR awareness session?

Over the past year, many IT partners have scared their customers into purchasing extra IT security services. This is strange, given that only 4% of the GDPR articles are about IT security.
"25 May is the starting shot", according to Samira Hajji, Business Consultant in GDPR at Proximus-SpearIT, "you basically need to prove you have a GDPR plan."

We have made an easy checklist to answer the killer question about GDPR:

Does the GDPR apply to me?

Yes, it does, if:

  • you collect data from your employees (first and last names, phone numbers, etc.)
  • you have a marketing department, financial department, etc.
  • you have security measures which allow you to identify people (license plate, badge, biometric sensor, etc.)
  • you call on a subcontractor or are yourself a subcontractor
  • you process databases of customers, suppliers, partners, etc.

If any of these apply to your organization, you need to comply with the new privacy rules.

About Samira Hajji

Our lawyer Samira Hajji worked at the national archives on a European project to set up a digital archive for a European provider. She was responsible for the business model and legal aspects (contract, IP, data protection).

Samira has a passion for technology law and is also a certified Data Protection Officer.

Start two tracks

It is important to know that you have to start two tracks, preferably in the following order:

  1. An organizational track: which processes should you adapt?
    Sales and Marketing and HR are the departments most affected by the GDPR requirements, but Finance and your customer service will also have to adapt their processes.
     
  2. An IT track: which measures should you take to support the adapted processes in your organization?
    And you shouldn't forget the security of your IT infrastructure, to better protect against hackers and ransomware for example. Also important: the processes you manage with your applications.

Below, find out more about how to tackle this in practice.

What are the main GDPR challenges?

According to an IDC study of 172 Scandinavian CIOs, the pitfalls lie in the right to be forgotten and data protection by design.

 

Because of data protection by design, we suggest you follow two tracks.

If you jump straight into ICT, you'll have incurred more costs than necessary at the end of the track, and wasted valuable time.

A good GDPR plan provides continuity

A good GDPR plan starts with the necessary analysis and builds GDPR practices into existing company processes.

Cycles of checks and adjustments ensure continuous improvement. After all, you can't think of everything in the planning phase and will undoubtedly start new initiatives.

Our practical GDPR services

To help you comply and remain compliant with the GDPR legislation, we have developed services tailored to medium-sized companies.

They focus on doing and continuously improving.

Want to know what that means in practice for your organization?

Contact us, we'd like to hear from you.

 
