Data; the rising star of the 21st century. With everyone being online and in the cloud these days, data is all around us. Companies are interested in collecting as much personal information as possible, to help them market, sell, and predict. Trading data is a booming and profitable business; Organisations are keen to purchase these databases of personal identifiable data, and companies like Whatsapp are worth over 20 billion USD, just because of this data.
With the wide availability of data, there comes risk – personal consumer data is used in many different ways, some more beneficial to consumers than others. To make sure that consumer rights are well kept, new stricter data protection laws will be rolled out across Europe starting 25 May 2018, in the form of the General Data Protection Regulation (GDPR).
What is GDPR?
GDPR is a new European Union (EU) centric legal framework that sets guidelines for collecting and processing personal information of individuals. In some EU countries the rules are already quite strict, but in others less so. The new GDPR laws align the regulation over the EU countries and ensure protection of the rights of the individual when it comes to their personal data, with considerable fines being imposed if an organisation does not meet these principles.
Why does it affect your assessment practices?
Assessments are inevitably linked to the collection of an individual’s personal data, which means that awareness of the GDPR regulations is essential: The new legislation will put constraints on what candidate data is collected and how this is done. The storage of this data will need to be carefully managed under the new legislation, and candidates have increased rights to access their data and request its erasure at any given time.
What is Cubiks doing?
Our online systems already treat all data in accordance with the current EU directive (whether or not data subjects are EU citizens), and further measures were taken in the process of gaining our ISO 27001 accreditation, so we have a strong starting point. However, GDPR has significant implications for Cubiks’ business, and we have started to prepare many months ago, with an audit that led us to review a variety of practices linked to the data of individuals. By implementing changes in the way we collect, store and provide access to our data, we can ensure that we are fully compliant with the new GDPR guidelines when these come into action on 25th May 2018.
If you’d like to know more about what Cubiks is doing for the GDPR, please get in touch with your local Cubiks office, or contact our HQ on firstname.lastname@example.org or +44 1483 544 290