GDPR: A Game of Snakes and Ladders
eBook - ePub

GDPR: A Game of Snakes and Ladders

How Small Businesses Can Win at the Compliance Game

Samantha Alford

  1. 252 pages
  2. English
  3. ePUB (mobile friendly)
  4. Available on iOS and Android

Book information

For many small businesses, organisations, clubs, artists, faith groups, voluntary organisations/charities and sole traders, applying the General Data Protection Regulation (GDPR) has been like playing a game of "Snakes and Ladders". As soon as you move along the board and climb a ladder, a snake appears, which takes you right back to where you started. Conflicting advice abounds and there is nowhere for these individuals to go for simple answers all in one place. With the threat of fines seeming around every corner, now more than ever is the time for smaller organisations to get to grips with GDPR so that they can demonstrate their compliance.

GDPR: A Game of Snakes and Ladders is an easy-to-read reference tool, which uses simple language in bite-size, easily signposted chapters. Adopting a no-nonsense approach, the Regulation is explained so that organisations can comply with the minimum of fuss and deliver this compliance in the shortest timeframe without the need to resort to expensive consultants or additional staff. The book is supported by a variety of easy-to-follow case studies, example documents and fact sheets. The author signposts warnings and important requirements (snakes) and hints and suggestions (ladders) and also provides a section on staff training and a Game of Snakes and Ladders training slide pack. Additional resources are available on the companion website.

This user-friendly book, written by a Data Protection Officer and business management specialist, will help you understand the Regulation, where it applies in your organisation and how to achieve compliance (and win at the compliance game).

Information

Publisher
Routledge
Year
2020
ISBN
9781000027211
Edition
1
Category
Commerce

Chapter 1

What is the General Data Protection Regulation (GDPR)?

If you keep someone’s name and contact details in any form of database (be these paper files or on the computer) and you use that information for business within the EU then the GDPR applies to you. There are only a few exceptions such as if the processing is for purely personal use or law enforcement.
The General Data Protection Regulation (GDPR) is the 2018 European Union Regulation on data protection and privacy for individuals. It enshrines the necessity to keep personal information private.
This chapter provides an introduction to the Regulation, outlining the key components and principles of GDPR. It provides the reader with an overview of where the legislation applies, what has changed from previous data protection legislation and what these changes mean for business. It is designed as an overview for those wishing to understand more about how it will affect them and their businesses. The chapter concludes with a section on actions that small and medium-sized businesses should take in order to ensure that they are compliant with this relatively “new” Regulation.
Although GDPR appears quite complex at first glance, it is based on the very simple concept that individuals have a right to keep their personal data private, and have the right to understand and decide what happens to this information.
The legislation applies throughout Europe and will apply in the UK irrespective of Brexit. This is because the UK Data Protection Act was updated in May 2018 to replicate GDPR. On exit from the EU, the UK-GDPR, which mirrors the EU GDPR legislation, will come into effect.
Getting data protection wrong can have a significant impact both on the individuals about whom data is being processed and the business processing the data. The fines that can be imposed on a business or organisation by the regulatory bodies are significant. Therefore, whatever the size of the organisation, it is essential that you take GDPR seriously. No matter how much personal data you hold, you must ensure that you comply with GDPR.
GDPR consolidated all the previous data privacy laws from across Europe. It is also a vehicle to protect the privacy of the individual (be they an EU citizen, a person living or working in the EU or someone whose data is processed by an entity based in the EU). Figure 1.1 shows these three instances where the GDPR applies.
In the UK, the EU (Withdrawal) Act 2018 gives the government regulation-making powers to transitionally recognise all EEA countries as having “adequate” systems of data protection (from the UK). It is unclear at the time of writing if this will be reciprocated by the EU, so UK companies wishing to do business in Europe after Brexit have been recommended to put safeguards in place so that they can pass an “adequacy” test. In order to pass this “adequacy” test, organisations will have to comply with GDPR and have suitable contracts in place with their Processors.
Figure 1.1 Where GDPR Applies
Any information that relates to an identifiable person is referred to in GDPR as “personal data”. It doesn’t matter whether the individual could be directly or indirectly identified through this data.
This means that personal data can include names, contact details, CCTV, photographs, car registrations, as well as dates of birth, credit card details, etc. (Personal data is covered in more detail in Chapter 6 on p. 117.)
Personal data can be held in paper files, on a phone or in a computer database. But, irrespective of how you hold the data, all information that is held on file is covered by the legislation.

Basic concept of GDPR

The basic concept of GDPR is that processing should be lawful, fair and transparent.
  • In order to collect and use personal data the organisation must have valid grounds under the GDPR (this is known as a “lawful basis”).
  • The data must only be processed in a way that is fair. Most especially, data must not be processed in a way that is unduly detrimental, unexpected or misleading to the individuals concerned.
  • The organisation must be clear, open and honest (transparent) with people from the start about how they plan to use an individual’s pe...

Table of contents

  1. Cover
  2. Half Title
  3. Title Page
  4. Copyright Page
  5. Dedication
  6. Table of Contents
  7. List of tables
  8. List of figures
  9. List of case studies
  10. List of quotes
  11. Preface
  12. 1. What is the General Data Protection Regulation (GDPR)?
  13. 2. GDPR terminology
  14. 3. The GDPR Articles and Recitals
  15. 4. Applying GDPR to your organisation
  16. 5. Data Controllers, Data Processors and the Data Protection Officer
  17. 6. Analysing what personal data you hold
  18. 7. Privacy Policies and Notices
  19. 8. Recording your processing activities
  20. 9. Sharing information electronically
  21. 10. Data Breaches
  22. 11. Keeping data safe
  23. 12. Retaining and deleting data
  24. 13. An individual’s rights under GDPR
  25. 14. GDPR training
  26. GDPR resource links
  27. Index
Citation styles for GDPR: A Game of Snakes and Ladders

APA 6 Citation

Alford, S. (2020). GDPR: A Game of Snakes and Ladders (1st ed.). Taylor and Francis. Retrieved from https://www.perlego.com/book/1520776/gdpr-a-game-of-snakes-and-ladders-how-small-businesses-can-win-at-the-compliance-game-pdf (Original work published 2020)

Chicago Citation

Alford, Samantha. (2020) 2020. GDPR: A Game of Snakes and Ladders. 1st ed. Taylor and Francis. https://www.perlego.com/book/1520776/gdpr-a-game-of-snakes-and-ladders-how-small-businesses-can-win-at-the-compliance-game-pdf.

Harvard Citation

Alford, S. (2020) GDPR: A Game of Snakes and Ladders. 1st edn. Taylor and Francis. Available at: https://www.perlego.com/book/1520776/gdpr-a-game-of-snakes-and-ladders-how-small-businesses-can-win-at-the-compliance-game-pdf (Accessed: 14 October 2022).

MLA 7 Citation

Alford, Samantha. GDPR: A Game of Snakes and Ladders. 1st ed. Taylor and Francis, 2020. Web. 14 Oct. 2022.