*limited availability
GDPR
GENERAL DATA PROTECTION REGULATION
CROWN RECORDS MANAGEMENT can help YOU PREPARE
The GDPR is a legal framework that sets guidelines for the collection and processing
of personal information of individuals with EU citizenship anywhere in the world.
By 25th May 2018 any organisation that collects or processes personal
data of EU citizens must be compliant with the requirements stated
in the GDPR.
The GDPR defines personal data as information that is both directly
and indirectly relatable to a data subject.
With the GDPR’s shift in policy, people will have more control
over their data.
Depending on the size of your organisation and what is being processed, we recommend having
a data protection officer as a means of supervision to guarantee the integrity of personal data,
and to prevent any violation of the GDPR obligations.
Only public sector bodies require a DPO by default.
Organisations must protect data according to the level of risks,
and cannot allow data protection to be an afterthought.
THE GOALS OF THE GDPR
Protect EU citizen personal data
Protects personal data
Control: helps people keep control of their data, including what is processed
Unify the duties and responsibilities of controller and processors
Simplify for users the means of data collection and processing

PERSONAL DATA HANDLING PROCESS
Data subject, data controller, data processor
1. Collection
2. Technical and organisational protection measures
3. Forwarding
4. Processing

RIGHTS AND RESPONSIBILITIES
The rights of the data subjects
The responsibilities of the data controllers and processors
The rights to data correction
Tighter consent requirements
Erasure (right to be forgotten)
Increased data portability rights
Data breach notification
Privacy by default measures
Accountability for violations and breaches
Harsh sanctions for not complying
Embedded security measures
Transparency of data flow
Full functionality of data handling
Guaranteed end-to-end security

DPO ROLES
Inform and advise organisations on data protection
Monitor data management and processing
Assess the impact of protection and level of risk
Notify data subjects of breaches
Cooperate with supervisory authority

DATA PROTECTION PRINCIPLES
Minimise: Restrict the processed amount of personal data to the necessary minimum.
Control: Data subjects should be provided with control over the processing of their personal data.
Enforce: A privacy policy should be in place and enforced.
Demonstrate: Controllers and processors are able to demonstrate compliance.
Inform: Data subjects should be informed when personal data is endangered.
The power of memory
www.crownrms.com
24% of firms have cancelled all preparation for the regulation.*
A further 4% have not even begun preparation.*
44% think the regulation will not apply to UK business after Brexit.*
*Survey commissioned by Crown Records Management in 2017 and undertaken by Censuswide.
REQUEST YOUR COMPLIMENTARY GDPR READINESS ASSESSMENT NOW!*

GDPR infographic
