The Implications of GDPR on Your Virtual Assistant
Thursday 9th August 2018
The General Data Protection Regulation (GDPR) came into effect on 25th May 2018. If you have not heard of GDPR then you need to do some research now, as GDPR affects us all.
Outsourcing Work to a Virtual Assistant
You need to have an open and transparent relationship with your VA and check that the systems the VA has in place adhere to the six privacy principles of the regulation (look these up if you are not familiar). Do not be offended if your VA seeks similar reassurance from you. As both the Controller and Processor of the data can be prosecuted, trust is extremely important.
So, what measures should your VA have in place?
1) Your VA should be encrypting data stored on any drives and deleting data when it is no longer required for the data processing activity.
2) Any cloud-based systems that store data outside the EU should have a Privacy Shield in place.
3) A VPN should be set up if you would like your VA to access your internal systems remotely.
4) Your VA should be registered with the ICO and hold professional indemnity insurance.
An open relationship with your VA is key to a successful partnership.