The EU General Data Protection Regulation (Regulation (EU) 2016/679) (GDPR) replaces the 1995 EU Data Protection Directive (European Directive 95/46/EC) on 25 may 2018. (GDPR) will replace the 1995 EU Data Protection Directive (European Directive 95/46/EC) on 25 May 2018. GDPR will strengthen individual's rights in regard to their personal data whilst creating uniformity of law across Europe. Organisations will be subject to new responsibilities and obligations, including the need to demonstrate compliance.
Holdan welcomes the arrival of the GDPR and the opportunity it affords us to build on, and deliver, a high level of data protection and security in relation to personal data that our employees, customers and business partners entrust with us.
OUR COMMITMENT TO DATA PRIVACY & SECURITY
Holdan will comply with its obligations under GDPR regulations with the transparency, predictability and consistency you would expect. As part of GDPR compliance, having carried out a GAP analysis with a specialist third party, some of our actions include:
- Appointment of a team of GDPR champions to coordinate the GDPR compliance project
- A staff training and awareness programme is in place. In addition, and to guarantee that there is accountability and shared responsibility for ensuring compliance-from Board level down and across the Midwich group, further staff training and awareness programmes shall be undertaken by all employees on a regular basis.
- Implementation of new policies & procedures specifically for GDPR
- A rewrite of existing policies and terms and conditions to ensure they are GDPR compliant
- Establishment of data sharing agreements with relevant third parties who process personal data on behalf of Midwich
- Inventory of records carried out to ensure there is visibility of all personal records held by Midwich
- Enhanced IT security including encryption and USB controls
- Investment in third party software to document our policies, GDPR training records and inventory of records