Part 2: The GDPR: The Three Cs - Compliance

Part 2: The GDPR: The Three Cs - Compliance

In an industry underpinned by data, it is unlikely that the acronym ‘GDPR’ is an unfamiliar term to those working in executive search. In May 2018, the rules and regulations regarding the way in which data is stored, shared and moved will change dramatically, and this will have a significant impact on the working practices of the executive search professional, whether working for a search firm or in-house. You can read an overview of the GDPR here.

The forthcoming changes to data protection legislation are complex and must be given appropriate consideration. However, when thinking about the personal data held within your organisation, we believe that consideration of the compliance, consent, and communication obligations of the GDPR is a good place to start. 

The Three Cs – Compliance

Under the GDPR, you are accountable for complying with the principles that personal data is:

  • processed lawfully, fairly and in a transparent manner
  • collected for a specified explicit and legitimate purpose
  • adequate, relevant and limited to what is necessary and kept for no longer than necessary
  • accurate and up to date
  • secure

In addition to obtaining consent, organisations must keep clear records and be able to demonstrate evidence of consent if required.

Under the new legislation, organisations must inform individuals of their right to withdraw consent at any time and their rights to be forgotten; to have access to their personal data and their right to be informed.

Organisations should review their existing consents and check they comply with the new GDPR, if they do not, fresh consent must be obtained. It may be that in some cases, reliance on ‘Contract’ or ‘Legitimate Interest’ for lawful processing may be a better approach.

To ensure you are well informed and aware of the GDPR, register your place at a complimentary breakfast briefing on Wednesday, 21st June in London. 

 

Breakfast Briefing – The GDPR: what does it mean for executive search
Wednesday, 21st June, 8 – 10.30 am, London

At this executive breakfast briefing event for C-level search professionals, three specialist speakers will share their insights on the latest developments to the GDPR, the key areas for consideration and the steps you can take to minimise risk of non-compliance. Register you place.

For additional information and resources relating to the GDPR visit www.invenias.com/gdpr or request a free no obligation demo with a member of our experienced team to learn how Invenias will transform your search process. 

Have your say...

Related Articles

Most Read