Who do you need for GDPR preparation?

Prior to the digitalization era, to gain and keep customer confidence was limited to deliver continuous high-quality service. Nowadays, data privacy has become at least as important. If a company cannot guarantee the confidentiality, integrity and availability of our information, we simply do not trust them … As a recent data breach shows us: who wants to be on Facebook today? (See more about Facebook – Cambridge Analytica scandal)

19-04-2018

Hungary

GDPR

GDPR, GDPR implementation, data security, information security, ISO27001, customer confidence, data breach, Cambridge Analytica, Facebook

Process Solutions has always paid special attention to the security of the data they manage, we introduced an information security management system based on the international ISO 27001 standard in 2012, that is maintained and audited every year since then.

We do not see GDPR as ‘Look, it’s another regulation we’ll unable to comply with…’, we rather see it as a new tool, an opportunity to strengthen information security and data privacy of our organization even more.

Although implementation is quite a big challenge – (as it concerns each and every piece of the organization such as accounting, payroll, HR, IT, finance, marketing, facility… I could go on, but you get the idea) – there is one thing that is more important than all of the others, and this is management commitment. So the answer is for our question in the blog title is simple, we primarily need a committed management who are sensitive enough to these requirements.

Top management support is therefore a key issue, which, in addition to provide necessary resources, includes obtaining the commitment of employees.

Process Solutions started to win their employees in a very early stage, we have awareness trainings, communication at the early stage of the preparation as well as we have given the opportunity to our employees to express their thoughts and comments with regards of data privacy.

Communication is a key element of our implementation program since all of our employees are involved with GDPR implementation.

In order to cover all relevant business processes and gather all personal data within the organization, process owners have been appointed. They all are involved in overall management of preparation, they follow the processes and help adapt data privacy requirements for our everyday work. Managers in regional offices have also been assigned special responsibility for coordinating GDPR tasks at their local offices.

To maintain compliance with regulations over so many business areas is a difficult task, but with an organized project team, as well as strong management support it is manageable.