Countdown to GDPR (General Data Protection Regulation)


The clock is ticking towards a complete overhaul of data protection legislation. The current legislation has been in existence for nearly two decades. The GDPR comes into force in May 2018 and introduces some radical changes for the protection of personal data.


Security and protection of our customers’ data is a key priority for Kainos and we are committed to GDPR compliance across our business.



What does GDPR apply to?


The GDPR imposes new rules on all organisations that collect and analyse data tied to EU residents.

It applies no matter where you are located.

Individuals have the right to:

   Access their personal data
   Erase their personal data
   Object to the processing of their personal data
   Export personal data
   Correct errors in their personal data

What is Kainos doing about GDPR?


Kainos recognises the importance of data protection in all its business dealings.

• Privacy: Strict controls on where personal data is stored and how it is used
• Records: Detailed data governance for transparency, record keeping, and reporting
• Policies: Robust data policies to ensure lawful processing

Kainos has established a core working group with representation from across the wider business including the Chief Information Officer, Legal, Operational, Product, Marketing and People Support, with board sponsorship from the Kainos Chief Operating Officer.


The working group have developed a plan to enable our organisation to work towards compliance in May 2018 and onwards.


Policies and procedures


Kainos is ensuring its policies and procedures are updated and refined in line with GDPR requirements to ensure:

• Appropriate security to protect data
• Notification in the event of personal data breaches
• Appropriate consent is obtained for processing data
• Detailed records are kept on data processing activities
• Data retention and deletion policies are clearly defined
• Our contractual documentation for existing and future customers and suppliers is GDPR compliant


Training


Training and education of staff is a key focus of the Kainos GDPR working group and some of the activities include:

• Webinars
• Focus groups
• Regular updates and communications
• Tailored training sessions

Consultation with customers and partners


Our customers and partners include financial services providers, healthcare providers, human capital management, government agencies and local authorities who trust us with their most sensitive information.

We understand that privacy and data security is a key priority for our customers and we are fully committed to working in partnership with customers and partners to ensure that together we build a culture of privacy.


GDPR and Brexit


Kainos is a multi-national organisation with business activities spanning Europe and further afield, so compliance is vital irrespective of the UK’s retention of the GDPR post-Brexit. Brexit will occur after May 2018 when the GDPR comes into force. It is expected that the UK government will implement legislation to largely reflect the provisions contained in the GDPR.