What do you need to know about the GDPR?

Published on 01/06/2017 in Innovate

What do you need to know about the GDPR?

Your company, no doubt, gathers and processes data from customers, prospects, suppliers and staff. That means that the General Data Protection Regulation (GDPR) will brings lots of changes for you, too. Have you started preparing for it?

  1. Where do I start?

    First of all, it is important to have a clear idea of the situation in your company. What happens with the personal data your company keeps: how is it used, who has access to it, etc. and where might security risks such as data leaks occur? Make a plan for the necessary adjustments to your business processes and procedures.

  2. Who can do that?

    Companies that process data regularly and systematically are obliged to appoint a Data Protection Officer or DPO. Their job is to ensure that the company manages and processes data in accordance with the GDPR. Companies that do not have the necessary expertise in house can call on an external partner.

  3. Increase awareness among your staff

    Everyone whose personal data you keep has a number of basic rights: the right to consult the data, to have data transferred, to have inaccurate or incomplete data corrected or to have data deleted. Are your staff aware of this? It is important for them to realize that they share responsibility for the protection of personal data.

  4. External partner

    If you pass on data to a partner or a supplier, for instance to send out a marketing campaign, then throughout this partner relationship you remain responsible for the proper management of your data in accordance with the GDPR. Is your partner or supplier GDPR-compliant? How and where do they keep their data? What about data leaks?

  5. Beware of data leaks

    If a data leak occurs, it must be reported to the supervisory authority and the people concerned within 72 hours. Draw up a clear plan. What if sensitive data is e-mailed to the wrong people? Who has to be told if a member of staff suspects a leak? Opt for a reliable prevention method, such as data encryption, which limits the risk of leaks.

Further information

Companies have until 25 May 2018 to bring their operating processes into line with the GDPR. It is advisable to start as soon as possible and seek legal advice from a privacy expert. Read the interview with Sheila Fitz Patrick from NetApp on www.proximus.be/GDPR as well.


Magazine and online blog for business leaders, brimming with new insights for a fresh look at their company.

Peruse the latest magazine! (French version)

Other articles of Perspective