Supplier Spotlight

Latest video

Duncan Aviation begins work on US$70m Utah maintenance facility

Duncan Aviation has begun construction on a new US$70m business aircraft maintenance, modifications and paint complex in Provo, Utah, in the USA. The company will add nearly 275,000ft² of buildings, with a 222,000ft² maintenance and modifications center and a 53,000ft² paint facility.

23rd October 2017



Gulfstream Aerospace celebrates flight test program milestone

Gulfstream Aerospace has reflected on the first ten flight tests for the Gulfstream G500 and Gulfstream G600 jets. The jets are twin-engine, with the G500 replacing the G450. The G500 has a range of 5,000 nautical miles (9,260km) at Mach 0.85, with nonstop flights connecting distant cities such as Istanbul to Cape Town, Los Angeles to London, and San Francisco to Tokyo. The G600 can fly 4,800 nautical miles (8,890km) at a high-speed cruise of Mach 0.90, and seats up to 19 passengers, with room for nine to sleep.

19th September 2017

Does the US government need to intervene in the market to ensure reasonable public access and transparent pricing in FBOs?

Web Exclusive Articles

« back to listing

Brace yourselves - GDPR will soon be landing

The General Data Protection Regulation (GDPR) comes into effect in May and businesses must start preparing early to get a plan in place for its arrival, according to Paula Tighe, information governance director at law firm Wright Hassall.

 

Key decision makers must sit down together and start devising a strategy that meets the requirements of GDPR if they are to achieve compliance in time for May.

Raise awareness and register it
Firstly, recording the transition process to GDPR compliance is an effective way of proving your company is willing to meet the new requirements. Also known as the data register, this record will show what data the business currently holds and where it originated from, outlining the organization’s reasons for processing it.

Compliance is not designed to obstruct or limit a business, but it instead questions existing processes and procedures to improve overall standard.

Businesses should review their existing digital and hard copy format privacy notices and policies and consider if they are concise, written in clear language, easy to understand and easily found.

It is also important to review how these notices and policies are communicated to the data subjects – it’s important that they are explained thoroughly, and that individuals understand how to lodge a formal complaint with the Information Commissioner’s Office if necessary.

Rights of the individual
The aim of GDPR is to give data subjects greater control over their personal data, allowing them to request that their personal information is edited or even deleted at any time. Perhaps one of the key drivers of the changes is the right for an individual to prevent their data being used for direct marketing purposes, as well as their right to challenge and prevent automated decision making and profiling.

Regardless of complaints, adopting transparent procedures will help mitigate potential future problems with the regulator. If companies already handle data carefully under the current guidelines, the transition to GDPR should not be a cause for concern.

Never assume consent
Obtaining and handling consent for the use of personal data is a bit of a tricky area under GDPR. Individuals must give clear consent for their data to be used, and if companies plan on using it differently to what was first agreed, they must obtain separate consent. Whatever way businesses attempt to obtain or confirm consent will help mitigate any future problems at the hands of the regulator.

Where data processing could pose a significant risk to individuals because of the technology that is being used or the scale of the processing, companies should undertake a Privacy Impact Assessment (PIA).

These assessments will help businesses and the regulator decide the likely effects on the individual if their data is lost or stolen and should form part of your ongoing processes. Companies need to ensure they have a robust process for making the assessments and then record it, along with the outcome.

Responsibility
If a business routinely deals with personal data on a large scale, then it could be worth recruiting a dedicated data protection officer to oversee procedures, ensuring compliance at all times.

Companies must also consider written records, which are also covered by the regulations. It is important to ensure all staff are trained on the correct handling of personal data.

Remember, recording the compliance process using a data register is ultimately the most effective way to protect against data breach claims. Those organizations who can prove willingness to comply will fare better than those that don’t.

 

Paula Tighe is a qualified data protection professional and leads the trusted advisor information governance service. Experienced in working with small, medium and large private and public bodies, Paula advises on a range of data protection issues, including training design and delivery, marketing, housing, project management and ICT security.

Wright Hassall, a full-service law firm, advises clients across a variety of sectors including advanced manufacturing and engineering; food and agriculture; housing, development and construction; and gaming and digital media. Find out more at www.wrighthassall.co.uk

October 30, 2017

 

RECEIVE THE
LATEST NEWS


Your email address:



Read Latest Issue

Exclusive Articles

Ries Vriend, CEO of Amsterdam Software – FBO One, discusses potential changes to regulation surrounding FBO pricing transparency in the USA.
Click here to read more


The General Data Protection Regulation (GDPR) comes into effect in May and businesses must start preparing early to get a plan in place for its arrival, according to Paula Tighe, information governance director at law firm Wright Hassall.
Click here to read more


Sixty seconds with Claudio Lasagni, CEO at Air Service Basel, on how and why the FBO is partnering with local companies to boost its own brand.
Click here to read more



Submit your industry opinion

Industry BlogDo you have an opinion you'd like to share with the business airport community? Good or bad, we'd like to hear your views and opinions on the leading issues shaping the industry. Share your comments by sending up to 500 words to ben.sampson@ukimediaevents.com

Submit Your Recruitment Ad

Recruitment AdTo send us your recruitment advertising or to receive information on placing a banner please email jag.kambo@ukimediaevents.com