GDPR IS HERE | Is your business ready?

26 May 2018

Disclaimer: We are not attorneys. Nothing within this post should be considered legal advice, but rather a spur to put your research hat on!

Does your company collect, maintain, or process personal data of individuals within the European Union (EU)? If so, the General Data Protection Regulation (GDPR) will directly impact you, and it is critical to be informed.

Why? Because the law takes effect TODAY!

This law gives individuals more control over their data and mandates how companies can collect, use and maintain the information.

The golden nugget of today’s article: Ensure all business partners are in compliance with GDPR. If you question a partner’s commitment to GDPR compliance, without hesitation you need to choose a new partner today.

US-based companies are making this a priority. Are you?


This implementation will require many companies to…

  1. Change current business practices.
  2. Write comprehensive data privacy policies and distribute revised contracts to all clients and partners.
  3. Verify that all internal and external company partners are GDPR compliant.
  4. Define several critical roles to ensure compliance: Data Protection Officer (DPO), Data Controller, and Data Processor.
    • A Data Processor can be an internal or external group: anyone who captures and/or processes data on behalf of your company.
  5. Prove consent of database contact information.

Okay, Marketing folks…

As of May 25th, companies have to prove consent of every existing contact in their database; otherwise, those contacts have to be removed. If you’re worried about losing a significant portion of leads, the recommendation is to launch a re-engagement campaign. More information HERE.

This is not a topic reserved for executive leadership. You must educate your entire team on data and data flow. All departments need to be confident in their knowledge of the current data protection environment and your company’s specific procedures.

 

What is considered personal data?

 

“Any information relating to an identifiable person who can be directly or indirectly identified in particular by reference to an identifier.”

  •   Name
  •   Address
  •   Identification Number
  •   Location
  •   Health Information
  •   Online Identifier
  •   Cultural Profile
  •   Changes in Technology

The reasons GDPR will affect US-based companies

GDPR applies to any organization located within or outside of the EU that offers goods or services to, or monitors the behavior of, EU data subjects. It applies to all companies processing and holding the personal data of data subjects residing in the European Union, regardless of the company’s location.

  1. Does your company website receive visitors from European Union countries? If yes, then GDPR applies to you.
  2. Do you have clients that reside within any EU territory? If yes, then GDPR applies to you.
  3. Do you have a partner, such as a data processing partner, that resides in or captures data from EU residents? If yes, then GDPR applies to you.
  4. Does your company utilize any marketing or analytics campaigns that capture data from individuals within any EU territory? If yes, then GDPR applies to you. We really liked how Forbes spells it out HERE.
  5. You could be liable for penalties even if non-compliance is 100% the fault of your data processing partner.
  6. Non-compliance penalties are huge. It is just not worth the risk.

Major industries expected to be most affected

  •   Marketing
  •   Technology
  •   Online Retailers
  •   Software Companies
  •   Financial Services

 

What are the non-compliance penalties?

 

First, a warning.

Next, a reprimand.

Then, a suspension of data processing.

Fines of up to 4% of annual global turnover or $20M+

2% for not having records organized
(This is important. Contact Secure Records Solutions for clarification)


What to include in your contract:

  1. Outline the specific responsibilities of all partners within the data capturing chain
  2. Define the specific process for how data is managed and protected
  3. Define how breaches are reported

We suggest conducting a self-audit

We believe THIS is a great template.

GDPR requires that your data be both organized and secure. Secure Records Solutions does just that. Call us today for a smart, secure and scalable solution that will support your GDPR compliance.

Security made simple.
