On this page we’ve put together a set of resources about GDPR. We’re doing this so that those in the charity sector – and interested parties outside it – can learn about the practices by which the sector complies with these regulations. We begin with some general information on GDPR. We follow with the ways GDPR relates to fundraising, and then prospect research. We have a section listing resources on privacy impact assessments.
We hope this list of resources is useful – if you have any questions or comments for us relating to GDPR, or any recommended resources, please get in touch.
Fix it Fast: Apply GDPR to Your Company in 10 Simple Steps: Amazon.co.uk: Patrick O’Kane, Kristy Grant-Hart: 9780993478857: Books
Very clear and easy to read – hard to understand why the ICO can’t produce guidelines as good as this, but anyway! My approach was to read 10 pages at a time, then go and action it all and come back to the next 10 pages. You use it, it needs to be practical, as everyone’s GDPR implementation will be unique. The book has spaces for making notes in the book, but that isn’t my style – I prefer a digital approach. My only niggle is that there is not an online companion to this book, where you can log in and do just that. I’m still giving this 5 stars, because the clarity of the content is worth the price alone.
A Guide to Help You Prepare for GDPR Compliance, Free Download
The General Data Protection Regulation protects the personal data of EU citizens. If your company handles the personal data of EU citizens, regardless of where you are based in the world, you’ll need to take some important steps to ensure that data is correctly controlled, processed, maintained, retained, and secured. With penalties as steep as €20,000,000 or 4% of your annual gross revenue, this should be a top priority for your team in 2017. It might be daunting, but we’ve pulled together some resources to help you prepare. Get the GDPR Toolkit, and be well on your way to having GDPR confidence.
Encrypted storage – often referred to as ‘data at rest’ – is most commonly used to encrypt an entire disk, drive or device. This type of encryption becomes effective only once the system is stopped, the drive ejected or the encryption key blocked. Encrypted content – also referred to as granular encryption – means, typically, encrypting files or text at the application level. The most common example is email encryption, where the message format must remain intact for the email client application to be able to handle it, but the text body of the email is encrypted along with any attachments.
Our privacy consultants can work with you to conduct the entire GDPR review process – including a risk analysis, level of effort analysis, and a prioritized GDPR project plan. For each gap, you’ll then need to identify specific remediation actions and estimate Levels of Effort – Low, Medium, and High. We map out the gaps and make sure each group is compliant with the GDPR. By investing the time up front to perform the proper analysis and planning, you can be confident that you will efficiently and effectively mitigate risk while meeting your company’s business objectives.
General Data Protection Regulation
With the General Data Protection Regulation (2016/679), the European Parliament, the Council and the European Commission intend to strengthen and unify data protection and privacy for individuals within the European Union. When the law takes effect in May 2018, it will trigger significant changes to how global brands approach online marketing, data protection and privacy policies. It’s important to note that the new legislation also addresses the export of personal data outside the EU – effectively extending its application to any business with even a single customer in Europe.
Data Catalog GDPR Compliant Solutions by Waterline Data
Organizations that fail to comply could be fined up to a maximum of €20,000,000 or 4 percent of annual global revenue, whichever is higher. Most organizations don’t have this information documented, and gathering it across a distributed data estate without some level of automation is next to impossible. Waterline provides the only solution that directly addresses the challenges presented by GDPR with software that automatically discovers data subject to GDPR; generates reports on the status of your GDPR compliant and non-compliant data; and makes it easy to secure GDPR data.
General Data Protection Regulation
Manage and implement security program practices on premises and in the cloud, such as risk assessment and mitigation, incident identification, escalation, response, forensics and resolution, personnel roles and responsibilities. Measure, document, and communicate program effectiveness to stakeholders. Monitor security operations and intelligence: monitor, detect, respond to and mitigate threats. Manage and implement security program practices such as risk assessment, roles and responsibilities, program effectiveness. Govern data incident response and forensics practices.
GDPR Compliance for Small Businesses
SecurityMetrics PIIscan is a data discovery tool that assists with GDPR requirements by discovering unencrypted Personally Identifiable Information. PIIscan searches computer systems, hard drives, and attached storage devices for unencrypted PII. Once PIIscan has discovered unencrypted PII, a report is generated that displays where the data is located. This makes it easy to securely delete or encrypt this data and reduce your organization’s risk. By using PIIscan, you will also save time by not having to manually search for unencrypted PII on your systems.