GDPR is the new EU data protection regulation which replaces the existing law and will apply across Europe from 25 May 2018. It strengthens individuals data protection rights and is designed to create a culture of good data protection across all organizations. Accountability and evidencing good data protection on an ongoing basis are key cornerstones of the GDPR.
Why is NMI concerned about GDPR?
The GDPR applies to any organizations that provide goods or services to European residents and therefore as we provide our services globally it is important for us to comply with GDPR.
At NMI, our GDPR compliance is a priority for the business. The obligations created by GDPR create a standard that puts data protection at the forefront of our global business activities and it is something that we feel passionate about.
We have implemented a data protection programme with key stakeholders from our offices in the US, Europe and beyond. This programme is designed to consolidate our global approach to good data protection and to identify and mitigate any risk to the personal data, that we are responsible for. This project team is being driven by senior management with assistance from external advisors.
Accountability is at the forefront of this programme with ongoing processes being developed to ensure that we are able to evidence our good data protection.
We have been undertaking a programme of work to assess our readiness for the GDPR. This has involved mapping our data flows globally and understanding where data is shared, stored and accessed.
We are working to increase awareness at all levels within NMI to embed a culture of good data protection across the business.