GDPR Mistakes

3 Data Privacy Mistakes to Avoid

The topic of the General Data Protection Regulations (GDPR), and data privacy in general, can be overwhelming and confusing. As a company that’s based in Germany, we’ve been beholden to the regulation since it was put into practice in May 2018. We’ve learned a few lessons along the way and aim to share our experience with you.

YouTube

By loading the video, you agree to YouTube's privacy policy.
Learn more

Load video

OTRS COO Christopher Kuhn has overseen all General Data Protection Regulation (GDPR) related projects within OTRS. Based on this experience, Christopher shared three data privacy mistakes that companies can make when they are trying to comply with GDPR or any other data privacy law, like the newly established California Consumer Privacy Act (CCPA).

Man writing on notepad next to laptop to illustrate that documentation helps to prevent GDPR Mistakes

Documentation Helps Avoid GDPR Mistakes Too

Complying with GDPR means documenting data handling processes, proving that these have been put into practice and addressing vulnerabilities swiftly. There are several phases of documentation that may help you avoid data privacy mistakes – with respect to GDPR or any other regulation. Certainly, you’ll start with written policies that are distributed company-wide. Also, map out how data is used within your company and document this too. Use these questions about avoiding GDPR fines to help guide you.

Then, start thinking about how you will demonstrate that these policies and processes have been followed. For instance, if your marketing team sends out a newsletter and a recipient requests data deletion (a right established under GDPR), how is that request captured? How can you show that all necessary deletion efforts have taken place? How can you confirm when they took place? Ticketing and workflow automation streamline this phase of documentation as they gather up requests, move them through pre-defined processes and incorporate a revision history.

OTRS serves as your partner in automating and documenting the administrative overhead that comes from implementing data handling processes.

If you're interested in having Christopher Kuhn or another OTRS data privacy expert offer input for an article or speak at an event, contact pr@otrs.com.