The new General Data Protection Regulations came into effect on 25 May 2018.
In this talk, I will highlight the key areas that you need to consider if you own software, whether you develop it for internal use or provide it to others. I will give an overview of how GDPR applies to software products and how it impacts;
- Business models - there are some models that are no longer feasible.
- Risk management and exposure.
- Contracts, sub processors and joint controllers.
- Process changes you need to implement.
- Preparing for a data breach.
GDPR is the replacement for the Data Protection Act. The deadline for compliance is May 2018 and it arrives with much tighter rules and significantly increased fines. It has a an extended scope and tighter rules for consent, subject access requests, the right to be forgotten, automated deletion, auditing and more.
Even if you think you don’t store or process personal data - you may find that you do, as far as the GDPR is concerned.