GDPR – The Six Privacy Principles

With GDPR, there are six principles which give companies a broad, top-level overview of the areas covered by the new regulation. These principles are:

Lawfulness, fairness and transparency

Transparent: The subject must be told what data processing will be done.
Fair: What is processed must match how it has been described.
Lawful: Processing of the data must meet the tests described in GDPR [article 5, clause 1(a)].

Purpose limitations

Personal data can only be obtained for “specified, explicit and legitimate purposes” [article 5, clause 1(b)]. This means that data can only be used for a specific processing purpose that the subject has been made aware of and no other, without obtaining further consent from the subject.

Data minimisation

Data collected on a subject should be “adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed” [article 5, clause 1(c)]. This means that no more than the minimum amount of data should be kept for specific processing.

Accuracy

Data must be “accurate and where necessary kept up to date” [article 5, clause 1(d)]. Baselining (comparing current computer network performance to a historical metric) can help to ensure good protection, and protection against identity theft. Data holders should also build rectification processes into data management and archiving activities for subject data.

Storage limitations

The Regulator will expect all personal data to be “kept in a form which permits identification of data subjects for no longer than necessary” [article 5, clause 1(e)]. This means that businesses and organisations will need to stay on top of the job of removing any data that is no longer required.

Integrity and confidentiality

Processors of data will need to handle that data “in a manner [ensuring] appropriate security of the personal data including protection against unlawful processing or accidental loss, destruction or damage” [article 5, clause 1(f)].
