The clock is ticking. Literally and figuratively. Just visit the GDPR portal, and you’ll see a daunting days-hours-minutes-seconds countdown titled, “Time Until GDPR Enforcement.”
Learn More About GDPR and the Impact It Has On Your Association
If your association has employees, members, prospects or customers residing in the EU (regardless of their citizenship), you’re required to meet General Data Protection Regulation (GDPR) compliance standards. So, if this is you, you’re probably busy researching and preparing to comply with this new European Union (EU) legislature, set to be enforced starting May 25, 2018.
At Community Brands, we’re not only preparing to comply, ourselves, we’re also doing everything we can to ensure our association customers are ready for this major change in data privacy regulation aimed at protecting all EU residents from privacy and data breaches.
We put together a comprehensive GDPR ebook, and recently conducted a webinar that focused on the impact of GDPR on associations. Our webinar panel of experts covered these topics and more …
What are associations responsible for?
Policies and Agreements
You should be updating privacy statements and contracts to meet GDPR standards and providing transparency into how your business uses data. Conduct your business with full transparency, providing disclosure information to data subjects in clear and simple terms.
Privacy by Design
Embrace data protection by design. Internal processes and procedures should always consider the rights and protection of your members and their data.
Ensure processors and third parties are compliant. Ask for guidance on how to use the tools you will need for your own compliance.
Take only what you need. When capturing information ask, “How does my having this piece of data benefit my member?”
Data Subject Rights
Put processes in place that enable users to easily enact their data subject rights, including:
- Right to be forgotten
- Right to receive copies of personal data
- Right to correct data
Compliance Action Plan
Work with vendors to ensure timely responses to subject access requests. And, have a plan in place in the event of a data breach. Know and understand your responsibilities for reporting breaches to the Data Protection Authority (DPA).