Using GDPR to gain citizen confidence
22nd May 2020
In our digital world, personal data is collected, processed, stored and transferred countless times each day as we embrace the digital economy and the ease of conducting our personal and professional lives from internet connected devices. Existing data protection rules were not geared up to these modern needs, so GDPR was introduced in May 2018 to address this.
We’re all data subjects, and we reasonably expect that our personal data will only be used for purposes which we understand and agree to. As data controllers, how can we provide the assurance that our customers or citizens need? Firstly, clear Privacy Notices help to explain what data we require, the legal basis for processing it, what we intend to do with it, details of any sharing with third parties, how long we intend to keep it, etc. Further, where high risks to the rights or freedoms of data subjects exist, we need to undertake documented “DPIAs” or Data Protection Impact Assessments to fully understand and mitigate those risks.
InfoSaaS solutions help many organisations to remain compliant with GDPR’s comprehensive requirements by promoting transparency of personal data processing. In turn, this provides evidence to citizens which should help to gain their trust, reassuring them that your personnel can be trusted with their personal data for specific purposes, and that there are data subject rights which they can exercise. Citizen confidence in personal data protection may take time to build, but through personnel negligence it can be destroyed in a matter of seconds.