Get in control of GDPR and Compliance

It can be pretty challenging to ensure that your company controls all rules, guidelines, and processes and that all personal data is processed according to the book. Fortunately, help is available if you ally yourself with one or more relevant partners.

What to consider

• Control it all. Are you 100 percent aware of what laws and regulations apply to a company like yours and whether you live up to them? 

  GDPR. Do you protect employees, customers, and other people's data sufficiently, and is your IT setup geared to easily comply with people's wishes to, for example, be "forgotten"? 

  Suppliers. Do you have an overview of your supplier's compliance efforts? 

Compliance and protection of personal data are not just for large international corporations. The trick is to find out which rules and guidelines your company must live up to, identify to what extent you are already compliant, and have bulletproof procedures to ensure that you are. In the end, of course, you must also close the gaps that may exist in your setup.

But compliance is, to a large extent, also an ongoing task, where you as a company are responsible for always having control over your processes and complying with the regulations that apply right now. It can be an extensive job, which either requires dedicated, attentive, and competent employees or that you get help from external experts.

A handful of years after the EU’s GDPR legislation came into force on 25 May 2018, the worst confusion and uncertainty have subsided. However, personal data protection remains complex, and the requirements depend on the individual company or organization. This situation contributes to the fact that fines are increasingly being handed out to those who have not adequately protected internal and external personal data.

It can be a great idea to ensure that all your systems and databases are adapted to the GDPR regulation so that it does not become a troublesome and time-consuming obstacle in the middle of your growth journey when you have to manage people's preferences and comply with the legislation manually. 

A significant part of the work with 'compliance management' can today be put into a system and primarily automated with the help of more or less digital actors such as Openli, ComplyCloud, and Safe Online.

The European Data Protection Agency has handed out fines for DKK 7.8 billion in 2021.

Source: DLA Piper

Who can help you?

In addition to the extensive law and consultancy firms, several Danish companies specialize in helping others to ensure that they comply with EU's personal data regulation (GDPR) and compliance in a broader sense.

This includes Openli. For a relatively limited and fixed monthly price, they can ensure that you are in control of your own and your suppliers' compliance via a transparent platform and that you can document it to, for example, customers, partners, and investors. Openli also offers customized solutions to secure people's consent via, for example, cookies on your website or when signing up for your newsletters. 

Another provider specializing in GDPR solutions is ComplyCloud, which calls itself a ’digital lawyer’ whose mission is to make it easy to become and stay GDPR compliant with the help of both compliance software and lawyers. ComplyCloud is also a universe of valuable knowledge, including analyses of the Danish Data Protection Authority’s current decisions, which you can access by registering on their website.

On the more automated end, there is Safe Online, which, with artificial intelligence and machine learning, can trawle all your local and external drives, mail, and many other data folders for sensitive information. These can be social security numbers, credit cards, driver's licenses, passports, union memberships, medical and criminal records, and religious and political beliefs. At the same time, Safe Online services can help manage the data and share data securely, including in e-mails, for example.

You probably already have a great knowledge of which compliance requirements your company must meet and whether it can ease everyday life within the organization, support your growth ambitions and provide greater security to get external help from one or more specialist in the field. 

Read more

• The IT industry's guide to the personal data regulation (GDPR)

• Legal Desk’s definition of compliance

• Legal Desk’s five tips for GDPR