The General Data Protection Regulation (GDPR) is a legal framework that came into force on 25th May 2018 and sets out guidelines for the collection and processing of personal information of individuals within the European Union (EU).
The key pillars of GDPR are as follows;
- Individual’s privacy is respected and process and systems uphold this by design.
- Right for the individual to request all data about them is deleted.
- Right to move the data from one data controller to another.
- Individual has control over their own data and how this data may be used.
- Transparency for data handlers, if a breach occurs then the data protection authority and the individuals affected within 72 hours of breach discovery.
- Severe non-compliance fines for businesses who do not adhere to the Regulation.
What are UMIS Consultancy doing about this?
A full pre GDPR audit has been carried out at UMIS Consultancy with resulting actions being completed;
- Our compliance policies have been updated and distributed to the entire team.
- GDPR and general security training sessions have been carried out.
- Our CRM now allows us to easy extract individuals data in the event of a Subject Access Request and subsequent removal if applicable.
Where is our data held?
No data processed or managed by UMIS Consultancy resides outside of the EU or is shared with 3rd parties (unless legal regulations dictate otherwise).
If you have any queries about either GDPR or your personal data please contact us here GDPR@umisconsultancy.com.