Periodical audits and revisions
One of the main novelties of the GDPR is the proactive responsibility (accountability) of the company, which means, in broad terms, that not breaching will no longer be enough. Companies must be able to demonstrate that they effectively meet the requirements of the GDPR.
In this sense, at Abril Abogados we consider of vital importance that companies assess the risks inherent to the use of personal data and invest in security measures and verification processes in order to fully comply with the applicable regulations and avoid possible sanctions.
The fact that the new regulations have been built from the point of view of prevention (privacy by design) and not that of the damages once the infringement has already been committed, makes it necessary to carry out periodic audits in order to implement the appropriate measures and verification mechanisms. This enables proof, should an inspection take place, that the company is adapted to the GDPR.