Firmwater is getting ready for the GDPR
The General Data Protection Regulation (GDPR) is quite a mouthful and is also a fair bit of work for many businesses that deal with the personal information of EU residents.
European businesses or any business that deals with the personal information of EU citizens will have to comply with the regulation. May 25th, 2018 has been circled on many calendars as the deadline for the GDPR which is considered the strictest regulation of its kind in the world. Policies need to be adjusted and business processes changed to comply with this new standard.
As a cloud-based LMS provider with clients and users from all around the world, Firmwater has been busy to get ready for the May 25th.
Let’s get serious. How is Firmwater preparing for the GDPR?
Firmwater hired TrustArc to assess and evaluate Firmwater’s fitness level when it comes to data protection. With the results, we have put together an action plan that will put us on the path to GDPR compliance.
Our team has been and is working hard to implement the following measures:
- Implementing a process that allows clients or users of our application to have access to their data if requested.
- Reviewing our website and learning platform to ensure we manage and process personal data to GDPR standards.
- Keeping data protection in mind when developing new functionality in Firmwater LMS (privacy by design framework).
- Preparing records of processing activities as both a Controller and a Processor of client data (GDPR requirement).
- Updating contractual terms (data protection addendum) with our service providers.
- Enhancing our company policies for data portability and data management.
- Training all Firmwater staff on GDPR privacy legislation and new company policies.
In short, we respect the privacy and security of our clients and users. We will stay privacy aware and will make our clients conscious of any privacy concerns if necessary.