Many organisations are panicking about the forth coming data protection changes. If you have been complying with the 1998 Data Protection Act then you shouldn’t have too much to worry about and will need to modify existing data processing procedures.
Many organisations are getting confused about the forthcoming changes, but really, it all comes down to the fundamental principles – the protection and diligent processing of personal data. So, if you think about it, you are constantly processing volunteer, driver and passenger data daily. If you are using a software such as Road XS which complies with GDPR, then this will give your clients confidence that their personal information is being taken seriously and legally processed by a reputable transport service provider.
In Article 5 of the GDPR, it outlines the six principles which should/must be applied to any collection or processing of personal data.
The Principles of the GDPR
1. Personal data must be processed lawfully, fairly and transparently.
2. Personal data can only be collected for specified, explicit and legitimate purposes.
3. Personal data must be adequate, relevant and limited to what is necessary for processing.
4. Personal data must be accurate and kept up to date.
5. Personal data must be kept in a form such that the data subject can be identified only as long as is necessary for processing.
6. Personal data must be processed in a manner that ensures its security.
Within your organisation, if is the data controller who is responsible for showing that that adhere to the GDPR principles. It is also their responsibility to ensure the same is applied by any external data processor (e.g. us – Road XS) with whom they have a contract with. This means, if the third-party provider is at fault, it is, your responsibility to ensure that the service provider adhered to the GDPR in the first place.
You will notice that the above principles are very similar to the UK’s existing Data Protection Act (1998) and you need to be confident that you know what each of the six principles mean. If you can demonstrate that you are meeting these principles, then you are well on your way to meeting the GDPR compliance requirements coming into force in May 2018.
At it’s heart Road XS is the perfect transport management tool for securing personal data. Feel free to contact us if you have any questions.
