We’re one month away from the GDPR (technically 5 weeks and 1 day), and businesses are wrangling their teams together to get processes and compliance in place. In our latest webinar hosted by Kyle Robbins, JD, Legal Solutions & Privacy at PactSafe, we discuss what we know about May 25’s GDPR, as well as:
Below is a quick breakdown of the webinar. See the full video recap below, and tweet us your questions and comments @PactSafe with #PactSafeGDPR.
The risks of not complying with the GDPR are real, and they will be enforced. Once audited, organizations will have 30 days to provide proof and a record of consent for the use of users’ data. One of the penalties for non-compliance is 4% of annual revenues, and 100 organization lists are rumored to be held by certain DPAs.
Consent seems to have been pushed down the priority list at some organizations, which is a major miscalculation. Consent is the easiest thing for regulators to see, and several organizations don’t have a plan in place to track and manage data consent.
Below are five areas you need to look into in your organization for compliance:
Below are the GDPR Article 7 requirements for May 25’s GDPR:
So what does this mean? It means the status quo for how a majority of organizations manage consent must change. The current practices at risk are the user experience for how users opt in to a business and how a business manages and tracks a user’s opt-in.
Below are some specific things you’ll need, per the advice of the WP29 working group:
Front end UI (user interface) changes:
On the backend, we typically see four common failures:
Here are back end changes to make that put aside the common mishaps above:
Built by lawyers, for lawyers, PactSafe’s consent management platform leans on our history of helping enterprise organizations protect their online terms and policies, while streamlining workflows behind the scenes.