CANDELA PREPARATIONS FOR GDPR
Data privacy and information security have always been important earning and keeping the trust of clients and candidates. However, with the advent of the European Union’s new General Data Protection Regulation, Candela has committed to reviewing and strengthening our commitment to data protection and security.
GDPR goes into effect on May 25, 2018. In preparation, Candela is working to assess and improve our policies, processes and systems to ensure that we protect the privacy rights of all data subjects about who we hold personal information.
STRENGTHENING PRIVACY PROTECTIONS
We are actively reviewing our current privacy notices and putting a plan in place for making any necessary changes in time for GDPR implementation.
We are evaluating our procedures to ensure they cover all the rights individuals have, including how we delete personal data or provide data electronically.
We are reviewing how we seek, record and manage consent while also refresh existing consents if it does not meet the GDPR standard.
IMPROVING PROCESSES, IT STRUCTURES AND SYSTEMS
We are reviewing our IT structure and ensuring that our systems and devices are up to GDPR standards. In this process, we are a making improvement to a number of key systems we use to ensure that they meet GDPR criteria.
We also training our staff on all system enhancements and affected processes.
Enhancing Data Breach Response Measures
We are working hard to ensure that we have the right procedures in place to detect, report and investigate a personal data breach.
We have also designating personnel to take responsibility for data protection compliance and assess where this will sit within our firm's structure.