08 Jun The 7 Pillars of GDPR Compliance
If you have read our previous article about whether you need to comply with GDPR and have concluded that GDPR is mandatory for you, these are the 7 principles (we call them the pillars of the GDPR) as outlined by the ICO.
The GDPR is formulated on 7 key principles. They are set out from the beginning and inform everything that follows in the legislation. They don’t give hard rules that can be dictated, but rather “embody the spirit” of the GDPR. These pillars, or principles, are outlined by the independent commission and are not meant to act as legal guidance.
Lawfulness, fairness, and transparency:
Organizations must identify valid grounds for the collection and use of personal data. You must ensure that you don’t do anything with the data that is in breach of any other law. The data must be dealt with in a way that is not unduly detrimental, unexpected or misleading.
You must be clear, open and honest from the start about what you will use the personal data for.
Businesses should identify the minimum amount of data required to carry out their needs, and this is the maximum amount of data that the business should hold at any time. The data can only be collected for the specified purposes, and this purpose must be periodically reviewed. Any data held that doesn’t meet this protocol should be removed.
It is the business’s obligation to take all reasonable steps to ensure that any information gathered is not misleading or incorrect. If you discover that personal data is incorrect or misleading, you must take reasonable steps to correct and erase it as soon as possible.
You must keep the data of individuals for as short a time as is possible. As a business, you will need to justify how long you store personal data. Once again, you should also periodically review the data and anonymize it when you no longer need it.
Integrity and confidentiality (security):
Your business must ensure that all appropriate measures have been put in place, and they are all secure enough to protect the personal data you hold. Doing this effectively will require your business to consider things like risk analysis, organizational policies and physical and technical measures.
The accountability principle decrees that you are required to take full responsibility for what you do with personal data and how you comply with the law. You must have appropriate measures and records in place to demonstrate your compliance.