Top Tips For Open Privacy under the GDPR
Of all the privacy risks an organisation faces today, there are 3 ways in which a regulatory audit will occur for organisations that don’t deal with special categories of data.
- People will complain to a regulator
- A Data Breach will attract a regulator
- Whistle Blowing will out you to a regulator
Tip #1 Be Aware of your own Open Public Privacy Profile
Note: In the future, there will be certifications and trust-marks that will help to automate public privacy for organisations. The European Union is currently building this infrastructure, so until there are standards, or you find some technology that enables your organisation to let people control their own data, it’s up to your organisation to be on its best behaviour.
Tip #2: Register with the ICO
Be publicly open and register with an authoritative 3rd party like the UK ICO data controller registry while you can, not only is it inexpensive, but this provides an independent point of privacy transparency to increase a brand’s trust. The ICO data controller registry provides a means for organisations to show off some privacy prowess and be used as apart of a way to show low compliance risk with EU regulations via an independent public privacy profile.
Tip #3 Privacy Response
2. Respond in the allotted time by UK regulation, regardless of where your organisation resides in the world, and if you do, a regulator won’t easily have the opportunity to audit you.