The GDPR came into force on 25 May 2018. The aim of this Act was to protect the data of each EU citizen in accordance with a strict and an uniform legislation and to give each person control over whether and how their personal data is used. Even after three years, many companies have not taken adequate measures to process, store and delete data in accordance with the law.
But why is implementation so difficult for some companies?
- Lack of understanding and internal conflicts of interest – Either the interest is not there or the person responsible for data protection is still performing his or her previous duties. This creates a conflict of interest with an existing activity. It is therefore not recommended to appoint the IT manager as data protection officer.
- Problems with technical and organizational implementation – Any person may request information about the data stored about him or her. This also includes the processing, duration of storage and other data. easyGDPR DSAR enables the automation of data subject inquiries. The long and tedious search is no longer necessary.
- Proper acceptance of contracts and creation – Processing data on behalf of a third party occurs in almost every company. It is therefore necessary to draw up a contract for the processing of orders. With easyGDPR standard companies can generate their order processing contracts independently.
- Legal ambiguity and lack of support – Some entrepreneurs remain uncertain and need support. A consultation can help you avoid mistakes and implement the GDPR correctly. Currently, GDPR consultations can also be carried out within the framework of the SME Digital funding can be applied for.
- Data security – The entrepreneur must ensure that data is protected in the best possible way. With a Firewall next Generation this is not a problem. This logs all accesses to data.
- Employee training to sensitize them to this topic. A confidentiality agreement also helps to ensure that the GDPR is incorporated into everyday working life and that data is protected.
- Risk analysis – assess the current state so that you can address any shortcomings in both GDPR implementation and cybersecurity.
A short network check will give you a ready indication of how secure your network really is, and you can correct any deficiencies.
If you have any questions about data security, your network security or GDPR, please contact Schindler IT-Solutions GmbH. Benefit from years of know-how, expert knowledge not only on GDPR, data security, but also ideas on how to use your data for yourself.