CANDELA PREPARATIONS FOR GDPR

Data privacy and information security have always been important earning and keeping the trust of clients and candidates. However, with the advent of the European Union’s new General Data Protection Regulation, Candela has committed to reviewing and strengthening our commitment to data protection and security.

GDPR goes into effect on May 25, 2018. In preparation, Candela is working to assess and improve our policies, processes and systems to ensure that we protect the privacy rights of all data subjects about who we hold personal information. 

timon-studler-63413-unsplash.jpg

STRENGTHENING PRIVACY PROTECTIONS

We are actively  reviewing our current privacy notices and putting a plan in place for making any necessary changes in time for GDPR implementation.

We are evaluating our procedures to ensure they cover all the rights individuals have, including how we delete personal data or provide data electronically.

We are reviewing how we seek, record and manage consent while also refresh existing consents if it does not meet the GDPR standard.

nik-macmillan-280300-unsplash.jpg

IMPROVING PROCESSES, IT STRUCTURES AND SYSTEMS

We are reviewing our IT structure and ensuring that our systems and devices are up to GDPR standards. In this process, we are a making improvement to a number of key systems we use to ensure that they meet GDPR criteria.

We also training our staff on all system enhancements and affected processes.

markus-spiske-221494-unsplash.jpg

Enhancing Data Breach Response Measures

We are working hard to ensure  that we have the right procedures in place to detect, report and investigate a personal data breach.

We have also designating personnel to take responsibility for data protection compliance and assess where this will sit within our firm's structure.