Continuous GDPR compliance
Organisations are very much aware of the deadline of 25 May 2018 to become GDPR compliant. But let us not forget that 25 May is not just the end of the period to become compliant. Even more, it is the start of an era where organisations are to be GDPR compliant continuously.
So, as organisations are working to update their privacy statements, improve consent (e.g. opt-in vs opt-out), document records of processing, determine retention schedules and remove old personal data, determine person's (data subject) rights to be adhered to, and more, organisations should consider two perspectives:
- Manage the complete life cycle of personal data in the organisation
- Demonstrate GDPR compliance continuously