9 Resources that will help you understand GDPR compliance
On May 25, 2018, the General Data Protection Regulation (GDPR) will be enforced across the European Union (EU). As we hurtle towards this deadline, knowledge is power.
Understanding this new legislation, how it applies to your business, and how to limit risk and liability can help you recognize what you should be investing in and where best to focus your time and energy in addressing areas of concern and achieving compliance. Non-compliance carries with it the potential for significant penalties, so it’s no surprise that businesses are now scrambling to get this right.
We’ve done our research on the GDPR and its implications, and to help you, we’ve rounded up some of the best resources that we’ve come across. Using these resources, you can better understand privacy laws and what they mean for you, and use that understanding to get yourselves as prepared as possible for the GDPR.
But first, some basics.
What and Who.
The General Data Protection Regulation (GDPR) is new legislation in the EU (European Union) that will affect businesses around the world when it is enforced on May 25, 2018. It regulates how any organization treats or uses the personal data of people located in the EU.
Personal data refers to any piece of data that, used alone or with other data, could identify a person. The GDPR requires businesses to be transparent with people about what data they capture and store about a person, the ways in which they use that data, and how they achieve those purposes. It also grants the people about whom the data is collected the right to refuse the storing or processing of their data, as well as to request a copy of the data, or request that the data be purged.
GDPR applies to companies that:
- are in the EU
- are outside the EU, but sell to EU citizens or EU companies
- have employees in the EU
Businesses need to have a legal basis, like consent, to process an EU citizen’s personal data. This consent must be specific and verifiable. Verifiable consent requires a written record of when and how someone agreed to let your business process their personal data. Consent must also be unambiguous and involve a clear affirmative action. This basically means clear language and no pre-checked consent boxes.
About Individual Rights.
The GDPR also outlines the rights of individuals around their personal data. EU citizens will have the right to ask businesses for details about the way they use their personal data. Businesses must be prepared to support people’s requests in a timely manner. People have the right to request their personal data be corrected, provided to them, prohibited for certain uses, and/or removed completely.
Businesses should also be able to tell someone how their personal data is being used. If asked, businesses are obligated to share the personal data that they hold on an individual, or offer a way for them to access it.
And now, the resources.
While there are multiple articles and resources summarizing and unpacking various segments of the GDPR, you may also want to read the original text of the regulation. The EUGDPR website features 11 chapters and 99 articles that give you a background on how the EU got to this point, what the EU hopes to achieve by implementing GDPR and so on, as well as answers to frequently asked questions about many different aspects of the regulation. We recommend visiting the website for an accurate overview of deadlines, expectations, and other basics.
Feeling overwhelmed by the 11 chapters and 99 articles of the GDPR text? Don’t fret! With the searchable GDPR website by Algolia, you can search for specific information based on relevant keywords. The best part: the website supports 24 different languages, so you can consume and share GDPR-related information in the language of your choice and comfort.
The GDPR Checker by Siftery Track is a curated list of vendor-submitted GDPR compliance statements and practices. To date, the list has compliance statements from over 1100 SaaS vendors (and counting). In addition to compliance statements, the website also indicates whether vendors have self-certified for EU-U.S. Privacy Shield and offer a DPA.
GDPR Email Copy is the easiest way to take the first steps towards becoming GDPR compliant. It brings excellent GDPR-related email templates together in one place. Pick emails by tags such as Cold Emails, Marketing, Transactional Emails, and Legal Emails.
Wondering if your business needs to be GDPR compliant or not? Have you read all the 11 chapters and 99 articles of the EUGDPR and want to test yourself? The ultimate GDPR Quiz by Mailjet is your answer to all your questions. Take the test, measure yourself, and check how much ground you need to cover before the deadline.
6. GDPR in 3 minutes [Video]
Time is valuable. If you’re looking for something that’s plain and concise, this video may be the resource to have in your arsenal. It explains the GDPR and its requirements in only 3 minutes, leaving you more time to focus on your business (and enjoy your big ol’ cuppa of Joe).
7. EU GDPR: A Pocket Guide by Alan Calder [Paperback/Kindle]
Available in Paperback as well as Kindle edition, the EU GDPR Pocket Guide by Alan Calder is a handy, clear and concise 56-page tell-all for the GDPR that’s great for reading over your lunch hour or during your morning commute.
8. 10 ways to prepare your organization for GDPR [Article]
The step-by-step instructions in this GDPR compliance checklist make it easy to prepare your company for the May 2018 deadline. It gives you all the details you need to make informed decisions in your organization. Suggestions like “take a hard look at your current processes” and “educate your employees on updated consent requirements” help get you in the mindset of the new regulation and bring you closer to full compliance.
9. What does the GDPR mean for global data protection? [Infographic]
Infographics are great tools for education, and this one is no exception. In fact, of all the resources that we’ve shared, this is our personal favorite. It’s simple, straightforward and gives you all the information you need to move forward with GDPR compliance. It is easy to read, easy to share, and packs in some incredible statistics, history, and explanations about what the GDPR means for the EU.
With this, we hope you’re a little better prepared for the GDPR. Have you come across a better resource that we’ve missed? Let us know in the comments section.