Are you GDPR proof yet?
What is GDPR?
GDPR ‘General Data Protection Regulation’ addresses the management and protection the personal data of European citizens. This new legislation replaces directive 95/46/EG and the Belgian privacy-law of December 8th 1992.
When will this legislation become enforceable?
On May 25th 2018 all companies must be GDPR proof. Careful handling of confidential information is not new to us. At Besox we are at work implementing and applying this new legislation. Even though a certificate to prove you are GDPR proof does not exist yet, we can see this changing in the future.
What will change exactly?
There already were directives for the protection and safety of personal data. The main principles will remain the same with some new rules added, but they will be more strict and technical.
Data controller or data processor?
As an employer you manage and process the data of your employees, this makes you a data controller. As a social secretariat you commission or allow us, to process the employee data, this make us a data processor. We are responsible for the use of your employee data. Our obligations will increase with the GDPR legislation.
Maintaining records of processing activities
Businesses with upwards of 250 employees must keep mandatory, written or electronic records of all processing activities. For data processing officers these records replace the obligation to declare at the Privacy commission.
What is a data breach?
A data breach is a leak in which protected data is, intentionally or unintentionally, released. For instance, an email containing personal data is sent to the wrong person. In case of a data breach you are obliged to notify the supervisory authority and the person to whom the information relates, within 72 hours.
Our share in your obligation to notify the Privacy commission
We will soon share a form, containing all information you require from us as ‘data processor’, to comply with your obligation to notify the Privacy commission. When a subcontractor is granted access to certain data, we will take the necessary measures to guarantee the protection of personal data.
Do you have any questions about GDPR? Do not hesitate to contact us or come to our infosession on the 8th of May.