GDPR at SIGNIFIKANS
For SIGNIFIKANS, the protection of data and privacy is the core of our business. Meticulous handling of data and respecting privacy is ingrained in our culture as well as central to our customer promise.
As you may be aware, new data protection rules in the European Union (EU) known as the General Data Protection Regulation (GDPR) will be in effect as of May 25, 2018. Focused on data privacy, GDPR is the new EU legal framework for the protection of personal data. It includes several key changes to existing EU data protection law, including data breach notification, accountability and enhanced individual rights. GDPR will affect all organizations and public bodies, wherever located, that handle data of persons in the EU. Over the last year, we have been preparing for GDPR and have taken steps to ensure timely compliance with those rules.
We are confident that our existing practices provide a strong foundation upon which to build our GDPR compliance activities.
For more information, please contact our data protection officer: firstname.lastname@example.org.
THE EU GENERAL DATA PROTECTION REGULATION
Effective May 25, 2018, the EU General Data Protection Regulation (GDPR) is the new European Union (EU)-wide legal framework for the protection of personal data, replacing the Data Protection Directive (95/46/EC). The new law will affect all organizations and public bodies that handle data of persons in the EU.
WHAT YOU NEED TO KNOW
HOW SIGNIFIKANS IS PREPARING FOR GDPR
GDPR introduces several key changes to existing EU data protection law, including data breach notification, increased accountability and enhanced individual rights such as data erasure (“right to be forgotten”) and data portability. GDPR will be directly applicable in the entire EU.
SIGNIFIKANS identified the changes to our systems, processes, and policies that may be needed to comply with GDPR’s requirements. Our existing information governance and security frameworks will provide a strong basis for our implementation of GDPR compliance measures. We are also taking the following actions:
- Continuously monitoring GDPR-related regulatory/legal activities in the EU and its member states.
- Engaging with regulators to understand how the new law will be interpreted.
- Collaborating with internal and external experts in our GDPR readiness activities.
- Created a new standard operating procedure for GDPR compliance and trained staff in its use.
- Maintain data processing agreements with our clients and sub-contractors (sub-data processors).
DIRECTIVE 95/46/EC: Data protection directive regarding the processing of personal data and the free movement of such data – transposed to member state laws.
REPLACED BY GDPR (AS OF MAY 25, 2018): Regulation directly effective in member states without the need for implementing legislation.
- Stronger rights for individuals
- Greater accountability requirements
- Increased scope
- Strong sanctions and penalties for non-compliance: top fine is up to 4% of worldwide group turnover
Our priority is to ensure that our clients continue to enjoy the benefits of our services while staying secure, compliant and uninterrupted.
Our data protection officer: email@example.com
Our customer service: firstname.lastname@example.org