GDPR: A Game of Snakes and Ladders
eBook - ePub

How Small Businesses Can Win at the Compliance Game

Samantha Alford

  1. 252 pages
  2. English
  3. ePUB (mobile friendly)
  4. Available on iOS and Android
About this book

For many small businesses, organisations, clubs, artists, faith groups, voluntary organisations/charities and sole traders, applying the General Data Protection Regulation (GDPR) has been like playing a game of "Snakes and Ladders". As soon as you move along the board and climb a ladder, a snake appears, which takes you right back to where you started. Conflicting advice abounds and there is nowhere for these individuals to go for simple answers all in one place. With the threat of fines seeming around every corner, now more than ever is the time for smaller organisations to get to grips with GDPR so that they can demonstrate their compliance.

GDPR: A Game of Snakes and Ladders is an easy to read reference tool, which uses simple language in bite size easily signposted chapters. Adopting a no-nonsense approach, the Regulation is explained so that organisations can comply with the minimum of fuss and deliver this compliance in the shortest timeframe without the need to resort to expensive consultants or additional staff. The book is supported by a variety of easy to follow case studies, example documents and fact sheets. The author signposts warnings and important requirements (snakes) and hints and suggestions (ladders) and also provides a section on staff training and a Game of Snakes and Ladders training slide pack. Additional resources are available on the companion website.

This user-friendly book, written by a Data Protection Officer and business management specialist will help you understand the Regulation, where it applies in your organisation and how to achieve compliance (and win at the compliance game).

Information

Publisher
Routledge
Year
2020
ISBN
9781000027211
Edition
1

Chapter 1

What is the General Data Protection Regulation (GDPR)?

If you keep someone’s name and contact details in any form of database (be these paper files or on the computer) and you use that information for business within the EU then the GDPR applies to you. There are only a few exceptions such as if the processing is for purely personal use or law enforcement.
General Data Protection Regulation (GDPR) is the 2018 European Union Regulation on data protection and privacy for individuals. It enshrines the necessity to keep personal information private.
This chapter provides an introduction to the Regulation outlining the key components and principles of GDPR. It provides the reader with an overview of where the legislation applies, what has changed from previous data protection legislation and what these changes mean for business. It is designed as an overview for those wishing to understand more about how it will affect them and their businesses. The chapter concludes with a section on actions that small and medium size businesses should take in order to ensure that they are compliant with this relatively “new” Regulation.
Although GDPR appears quite complex at first glance, it is based on the very simple concept that individuals have a right to keep their personal data private, and have the right to understand and decide what happens to this information.
The legislation applies throughout Europe and will apply in the UK irrespective of Brexit. This is because the UK Data Protection Act was updated in May 2018 to replicate GDPR. On exit from the EU the UK-GDPR will come into effect which mirrors the EU GDPR legislation.
Getting data protection wrong can have a significant impact both on the individuals about whom data is being processed and the business processing the data. The fines that can be imposed on a business or organisation by the regulatory bodies are significant. Therefore, whatever the size of the organisation, it is essential that you take GDPR seriously. No matter how much personal data you hold, you must ensure that you comply with GDPR.
GDPR consolidated all the previous data privacy laws from across Europe. It is also a vehicle to protect the privacy of the individual (be they an EU citizen, a person living or working in the EU or someone whose data is processed by an entity based in the EU). Figure 1.1 shows these three instances where the GDPR applies.
In the UK, the EU (Withdrawal) Act 2018 gives the government regulation-making powers to transitionally recognise all EEA countries as having “adequate” systems of data protection (from the UK). It is unclear at the time of writing if this will be reciprocated by the EU, so UK companies wishing to do business in Europe after Brexit have been recommended to put safeguards in place so that they can pass an “adequacy” test. In order to pass this “adequacy” test, organisations will have to comply with GDPR and have suitable contracts in place with their Processors.
Figure 1.1 Where GDPR Applies
Any information that relates to an identifiable person is referred to in GDPR as “personal data”. It doesn’t matter whether the individual could be directly or indirectly identified through this data.
This means that personal data can include names, contact details, CCTV, photographs, car registrations, as well as dates of birth, credit card details, etc. (Personal data is covered in more detail in Chapter 6 on p. 117.)
Personal data can be held in paper files, on a phone or in a computer database. But, irrespective of how you hold the data, all information that is held on file is covered by the legislation.

Basic concept of GDPR

The basic concept of GDPR is that processing should be lawful, fair and transparent.
  • In order to collect and use personal data the organisation must have valid grounds under the GDPR (this is known as a “lawful basis”).
  • The data must only be processed in a way that is fair. Most especially data must not be processed in a way that is unduly detrimental, unexpected or misleading to the individuals concerned.
  • The organisation must be clear, open and honest (transparent) with people from the start about how they plan to use an individual’s pe...

Table of contents

  1. Cover
  2. Half Title
  3. Title Page
  4. Copyright Page
  5. Dedication
  6. Table of Contents
  7. List of tables
  8. List of figures
  9. List of case studies
  10. List of quotes
  11. Preface
  12. 1. What is the General Data Protection Regulation (GDPR)?
  13. 2. GDPR terminology
  14. 3. The GDPR Articles and Recitals
  15. 4. Applying GDPR to your organisation
  16. 5. Data Controllers, Data Processors and the Data Protection Officer
  17. 6. Analysing what personal data you hold
  18. 7. Privacy Policies and Notices
  19. 8. Recording your processing activities
  20. 9. Sharing information electronically
  21. 10. Data Breaches
  22. 11. Keeping data safe
  23. 12. Retaining and deleting data
  24. 13. An individual’s rights under GDPR
  25. 14. GDPR training
  26. GDPR resource links
  27. Index
Citation styles for GDPR: A Game of Snakes and Ladders

APA 6 Citation

Alford, S. (2020). GDPR: A Game of Snakes and Ladders (1st ed.). Taylor and Francis. Retrieved from https://www.perlego.com/book/1520776/gdpr-a-game-of-snakes-and-ladders-how-small-businesses-can-win-at-the-compliance-game-pdf (Original work published 2020)

Chicago Citation

Alford, Samantha. (2020) 2020. GDPR: A Game of Snakes and Ladders. 1st ed. Taylor and Francis. https://www.perlego.com/book/1520776/gdpr-a-game-of-snakes-and-ladders-how-small-businesses-can-win-at-the-compliance-game-pdf.

Harvard Citation

Alford, S. (2020) GDPR: A Game of Snakes and Ladders. 1st edn. Taylor and Francis. Available at: https://www.perlego.com/book/1520776/gdpr-a-game-of-snakes-and-ladders-how-small-businesses-can-win-at-the-compliance-game-pdf (Accessed: 14 October 2022).

MLA 7 Citation

Alford, Samantha. GDPR: A Game of Snakes and Ladders. 1st ed. Taylor and Francis, 2020. Web. 14 Oct. 2022.