SteadyHOPS and the GDPR

    The General Data Protection Regulation (GDPR) and Data Protection Act of 2018 (DPA) are complex, in-depth, complementary legal documents that act as a code of conduct for businesses involved in the processing of personal data. Henceforth these regulations will be referred to as the GDPR. There are many aspects of compliance with these regulations, and the best place to keep up to date and understand them is the Information Commissioner’s Office’s (ICO) Guide to General Data Protection Regulation. This article highlights the aspects of compliance that SteadyHOPS provides.

    Accountability Principle

    The GDPR outlines several underlying principles that guide both the regulation(s) and your compliance with them. They are:

    • Lawfulness, fairness, and transparency
    • Purpose limitation
    • Data minimization
    • Accuracy
    • Storage limitation
    • Integrity and confidentiality (security)
    • Accountability

    Compliance with some of these principles must be covered through organizational, technical, and procedural elements that all come together to form a privacy by design approach. SteadyHOPS is a commercial solution that assists with compliance with certain aspects of the GDPR and most notably applies to the accountability principle.

    The accountability principle states that organizations must take accountability for their role in protecting the personal data of citizens and for compliance with the regulations. It is the organization's responsibility to put in place the appropriate measures and maintain records of compliance. SteadyHOPS serves as the main touch point when corresponding with citizens regarding their personal data and its processing, and it keeps records of the in-system interactions you make when fulfilling various requests from citizens as part of compliance with the regulation. In short, it can help you demonstrate your compliance with the accountability principle in the event of a reported privacy concern and subsequent investigation.

    SteadyHOPS Data Subject Request Portal

    The GDPR grants certain rights to citizens regarding their personal data. Some of these rights include the right to make certain requests of a data processor, with which the processor must comply. These include:

    Your organization should develop a process for handling each of the request types internally and ensure it’s documented.  Documenting compliance is a key aspect of GDPR, and we will be covering each of these request types in depth in future articles.  Requests must be fulfilled, or a notification of additional processing time must be sent to the requester within 30 days of the initial request.  SteadyHOPS can provide an online electronic touch point for citizens to interact with your organization regarding these requests.  This ensures a request is captured in writing and the system allows you to seamlessly document the way the request was complied with and the timeline for fulfillment.   A data privacy request portal is a great way to show that your organization has invested in compliance with the regulation and provides a means to demonstrate accountability and transparency in your organization. For more information take a look at our product page.

    Hunter Nelson

    Hunter is the founder and president of Tortoise and Hare Software, a digital marketing agency for B2B technology companies. Hunter has more than 10 years’ experience building web applications and crafting digital strategies for companies ranging from scrappy startups to Fortune 50 household names. When not on the clock, you'll find him spending time with his family and pups, relaxing on the beach, or playing competitive online video games. See LinkedIn for more.
