What is the GDPR?
“GDPR” stands for General Data Protection Regulation. The GDPR is the new Data Protection Regulation and replaces the older texts relating to data protection (Directive 95/46/EC and the Data Protection Act of 8 December 1992). The GDPR will come into effect on 25 May 2018. Although the main principles of the GDPR are basically the same as those enshrined in earlier legislation, it does include a number of new elements (in relation to the rights data subjects enjoy and the obligations subcontractors are bound by, for instance).
What are the main strands of SECUREX’s GDPR action plan?
The SECUREX GDPR action plan features the following 5 main strands (workstreams):
Workstream 1 - Governance: review and fine-tuning of our internal policies, procedures and processes and, where appropriate, the establishment of new procedures, policies or processes.
Workstream 2 - Registers: a review of all our personal data processing operations (data flows) and the setting-up of data registers for each line of business/entity of the SECUREX Group.
Workstream 3 - Customers: a review of all the contractual clauses between clients and the various entities of the SECUREX Group.
Workstream 4 – Vendors & Partners: a review of the contractual clauses between suppliers, subcontractors and partners and SECUREX.
Workstream 5 – Training & Awareness: Training and briefing SECUREX staff on the ins and outs of data protection.