THE PRIVACYPERFECT BLOG

While Data Subject Requests (DSRs) are not a new concept, with the enforcement of the GDPR back in 2018 May, further guidelines have been introduced. With obligations becoming stricter and wider, as several additional requirements and exemptions were laid out by the EU privacy regulation, organisations often seem to be facing challenges in handling DSRs, primarily due to the complexity and time-consuming nature of the process. In this blog post, our privacy experts discuss the typical challenges organisations may face in addressing a request under each right, and provide guidance in finding solutions to these challenges.

Often the best way to tackle complicated matters is to make it fun. Because, the show must go on. Therefore, here are 8 essential tips to become and stay compliant with the GDPR if you don’t want to be the next one biting the dust.

The enforcement of the GDPR over two years ago has drastically transformed the way organisations collect personal data. As it’s been a transformation that required investment in terms of time and resources, many organisations still find compliance a challenge today. In fact, last year still, out of 1000 organisations, only 28% said that they deemed themselves GDPR compliant. If your organisation is also still in the process of getting your GDPR compliance on track, do not worry: while it’s an investment, it’s a worthy one, that will provide your organisations with opportunities in the long run, for accountability, transparency, and better customer engagement. Our privacy experts have compiled 10 tangible steps that your organisation can take to get started towards compliance.

Digital transformation is and has been the focus of many organisations in the last couple of years, including those of the healthcare sector. This shift brings with it new, additional aspects for all areas, a major one being data protection. In the healthcare sector, where a huge amount of sensitive personal data is being processed on a daily basis, protection of this data has to be of top priority, with strict procedures, access controls, and guidelines on privacy. As such, compliance with the GDPR, within digitized care and cure organisations, is crucial. Let’s take a look at how you can ensure compliance for your healthcare organisation without disrupting the efficiency of your work.

The Data Protection Officer (DPO) is a role that's often met with growing pressure and mounting challenges due to the complexity of obligations to the GDPR, a substantial amount of workload, and the dependency of contributions from other departments within the company. With reports revealing that companies will continue to gather an increasing abundance of data to work with, providing the right tooling and resources to your DPO could prove essential for a company's GDPR compliance efforts. At the end of 2019, a study was conducted to look into how DPOs themselves weighed up on this importance. As DPOs often find themselves struggling to gain this additional support, let's take a look into the facts and figures that highlight this struggle. Most importantly, we'll also see how we can change this obstacle, into an opportunity. 
 

Since the enforcement of the GDPR approximately two years ago, over 160,000 breaches have been reported from across the EU. In the Netherlands alone, almost 27,000 data breaches were reported in 2019 - a 29% increase compared to the year before. Personal data breaches happen both due to external threats and internal security incidents, and both are on the rise. Given these figures and the large amount of personal data collected by organisations, even if the necessary safeguards are in place, the odds of a data breach happening within your organisation is quite high. So, what if a personal data breach does happen, how can you make sure that your organisation recovers from it quickly and well?

Organisations worldwide are collecting an abundance of personal data. With the various opportunities and benefits of making sure that data is optimised, more businesses are moving to data-driven practices. However, as more data is being collected, businesses are also facing unnecessary additional costs and risks.

Research has revealed that businesses in numerous sectors are collecting large amounts of redundant data and spending large amounts just to manage it. By the end of 2020, this total cost is predicted to reach an immense amount. Not only is the growing amounts of data costing companies, but it's also putting them at risks for potential data breaches. 

So why is "de-cluttering" and gaining a complete overview of your company data so crucial? 

Even two years after the enforcement of the GDPR, a lot of misconception and speculation surrounds the EU privacy regulation still. While most of us know one thing or the other about the GDPR, only a few have extensive knowledge on it, and what it means exactly in practice. In this blog post, we take a look at five common myths of the GDPR and set the record straight.

As more and more organisations like yours move to gain the benefits of a data-driven way of doing business, consumers have further grown to be more critical over their personal data. Ever since the enforcement of the GDPR, consumers are especially more interested in just how their personal data is being used.

It was Easter Friday, all sunny and bright. Jamie was inside working on projects, making sure everything was right. He’d crossed all the boxes and ticked all the spaces, but to his surprise he found some Easter eggs under his desk, of all places. He opened it up and found his favourite chocolates from hazelnut, vanilla, and to crunchy. What he also noticed was a list of the things to consider for his company’s next plans, in regards to data privacy.