Demographix advises customers on GDPR personal data audits
LONDON UK: In advance of the General Data Protection Regulation taking effect on 25 May 2018, Demographix has advised its customers to make an audit of all personal data they hold, and to give us feedback on the new tools we have been developing to assist with new requirements of the GDPR.
Demographix began discussions with its customers over a year ago with a GDPR impact assessment review.
"We have been assessing the impact of GDPR on ourselves and our customers for over a year, and in particular seeking their feedback on the tools and changes to procedures needed to fulfil its requirements," said Demographix director Bobby Pickering. "We have now ended that assessment period, and are offering advice on how they can prepare themselves, and how we can assist."
In the first instance, Demographix is referring customers to advice from the Information Commissioner’s Office.
Key ICO recommendations for companies using personal data
- You should document what personal data you hold, where it came from and who you share it with. You may need to organise an information audit.
- You should check your procedures to ensure they cover all the rights individuals have, including how you would delete personal data or provide data electronically and in a commonly used format.
- You should review your privacy and security policies.
- You should review how you seek, record and manage consent and whether you need to make any changes. Refresh existing consents now if they don’t meet the GDPR standard.
- You should make sure you have the right procedures in place to detect, report and investigate a personal data breach.
Pickering said: "We are actively assisting our customers, who are technically defined as "Data Controllers", to be aware of what personal data they have obtained and the consent that was given with it, so they can feed that back into their data departments."
"Going forward, they should be actively monitoring and labelling personal data, and delete personal data that is no longer required. They should also be thinking ahead about what new training and procedural requirements they may need to introduce so that they fulfil their obligations to respect EU citizens' rights and privacy under the new regulations."
Demographix has been working on new data processing tools to ensure customers can easily fulfil the requirements of the regulation – such as the right to be forgotten and data erasure. Further details will be released to customers later this year.
About Demographix: Demographix is the leading UK developer of online research tools, specialising in the publishing, broadcast, health, public, academic and hospitality sectors. The company develops technology compatible with a wide range of browsers and form factors, including tablets and smartphones. Demographix is the registered trademark of Demographix Limited. Demographix is a company partner of the Market Research Society. Company registered in England and Wales No. 4358487. Registered with the ICO No. Z1244335.