With less than 1 month until its effective date, any company that deals with personal data is now – or should be! – aware of the looming acronym “GDPR.”
GDPR is the Europen Union’s General Data Protection Regulation, which goes into effect on May 25, 2018. The new regulation gives individuals more control over their personal information, and impacts any company or organization that collects personal data from a citizen of the EU. Failure to comply with GDPR can lead to fines, and in extreme cases, criminal penalties.
It’s a large piece of legislation that will likely change the way we collect and store candidate data. This guide dives into 4 key points that deserve your attention:
1. Information transparency and consent
2. Data inventory and mapping
3. Data accuracy, retention and destruction
4. Data Protection Impact Analyses (DPIA) and security