GDPR - Do you have a firm grip on your data landscape?

Thomas Bugler

GDPR will come into force on the 25th of May 2018, and represents a comprehensive reform of existing data protection measures.

In loose terms this concerns only data that can be used to directly or indirectly identify a person, including names, photos, email addresses, bank details, and posts on social networking sites.

To ensure compliance with key concepts such as the right to erasure and subject access requests, organisations need to be prepared to perform a sizeable review of how personal data is collected, stored and used. This can be quite a tall order given many have such elaborate data environments.

When considering data, organisations tend to focus on their main enterprise system or CRM database. However, it is important to appreciate that GDPR’s scope extends well beyond these, and concerns personally identifiable (PII) data that is stored on platforms such as Microsoft Exchange, Sharepoint and OneDrive - for instance, CVs stored within a user’s inbox, or marketing lists that are stored locally. So-called unstructured data, it is estimated that information of this nature accounts for more than 70-80% of all data in organisations, and poses the biggest challenge to manage.

Whilst authorisations surrounding the ability to perform data extracts can be tightened up, pragmatically the risks can only be mitigated with a deep-rooted awareness of GDPR amongst your team. However, ‘data discoveries’ shouldn’t be viewed with total dread. The concept of ‘lawful basis’ provides organisations with the opportunity to streamline their data by reviewing what they are storing and the rationale behind its collection. In addition, an organisation that has a firm grip on its data strategy can further increase trust and credibility in the marketplace by being transparent with its customers as to how personal data is handled.

Blog Post Image

Our comprehensive four stream approach to GDPR was developed through collaboration with its clients, and has it’s grounding in Sysdoc’s eight areas of specialism including process excellence and transformational change. With regards to your data challenges we can assist with the following services:

  • Data Audits: Thorough assessment of your organisations current databases, records, third party agreements and archives, enabling you to identify where personal data is stored across your network.
  • Intuitive Training: This is provided in a variety of formats, including innovative gamification options.
  • Compliance Readiness Assessments: These provide an indication of the GDPR maturity of your organisation.
  • Roadmap to Compliance: A programme of activities to progress and improve your compliance with GDPR.

We have a track record of managing change and delivering process excellence at some of the UK’s largest companies. We’d love to discuss your GDPR programme with you and provide some more details on our approach to achieving compliance. For more information, or to arrange an initial discussion, please contact [email protected]

Latest blog posts

See all blog posts

Juggling January

As much as I love Christmas, I hate January. For me, January is the most difficult month of the year – oh hi January blues, long time no see…   Do you know that feeling? If not, then you can count yourself as lucky. January blues is a form of depression that some people feel after the magic of Christmas and holidays come to an end. Its secret ingredients: A lack of motivation, exhaustion, melancholy, and excess of melatonin.  

Andrina Janning

How we live now

Regardless of the latest restrictions and the challenges that lie ahead, there is now light at the end of the tunnel. Albeit a light that comes in and out of focus for many. There is now a future where we can start to heal, to unite, renew and to plan for a more certain outlook. If 2020 taught us one thing, it was to expect the unexpected – to be prepared to change, adapt at a moment’s notice. A quality I am sure we did not know we needed to possess as critically as we do now. This has been equally applicable for organisations as it has for individuals – with business plans and personal goals alike upturned and forward planning a challenge. What has this, perhaps necessary, blip in the history of the world taught us? What do we want the post-COVID working world to feel like? Are there elements of how we live now, that we want to continue with?

Guy Sorrill

Keeping it on the DL - Guest Speaker LPI Chairman Donald H Taylor

Shall we jump right in? Are L&D teams relevant anymore? Given the steer towards customised, personalised learning do you still need an L&D team. Well, we are walking into this vlog with a bang. It is a crucial question and the elephant in the room that we should all be asking ourselves. LPI Chairman and Guest Speaker for this month’s vlog Donald H Taylor cleverly approaches this question. So, the answer is yes and no. Unfortunately, you cannot measure learning, but most learning takes place outside what L&D does. We live in a world where people can increasingly access information themselves and there are so many options on the market that it is no longer sufficient to just rely on L&D functions. L&D needs to adjust to this new world and as we have experienced previously, they are not the sole gatekeepers to knowledge anymore. However, they can make themselves an essential cog in the machine. The scope of what L&D should be doing has increased and it needs to adapt so it can help individuals reach their potential. Let’s face facts, Covid-19 has given people the time and determination to take up learning on their own. Upskilling was already a huge priority pressing on people’s minds prior to 2020 and as we move to a remote world, online learning is not only essential but the default option. 

Sarah Vaughan