Open Solutions International Limited embraces the General Data Protection Regulation (GDPR), which comes into force in EU member states from May 2018.
In essence, the GDPR puts into practice its six underlying principles to protect the individual and their personally identifiable information (PII):
• Lawfulness, fairness and transparency.
o Lawful: Processing must meet the tests described in GDPR [article 5, clause 1(a)].
o Fair: What is processed must match up with how it has been described.
o Transparency: Explain to the subject what data processing will be done.
• Purpose limitations: Define what the data is being used for, and do not use it for other purposes.
• Data minimisation: Only store what is required.
• Accuracy: The data is accurate.
• Storage limitations: No longer than necessary.
• Integrity and confidentiality: It is held securely and, if stored online or in the cloud, it is encrypted by default.
There is currently no “GDPR data compliance certificate” as such. The Information Commissioner’s Office (ICO) can audit any organisation to assess whether it is compliant or not. Failure to comply, or evidence of gross data breaches, can produce a fine of up to 4% of annual turnover or up to 20 million euros.
Open Solutions International has been involved in an ongoing process to achieve GDPR compliance since August 2017.
To date, the company has:
• Trained staff on what GDPR entails
• Updated all its software and service offerings to reflect the requirements of GDPR
• Contacted all software and service partners and suppliers to confirm they have a GDPR policy in place and comply with GDPR
Open Solutions will perform regular data and service reviews to ensure continued compliance with GDPR.