The new EU General Data Protection Regulation (GDPR) came into effect as of May 25th, 2018, (inclusive of the UK regardless of its decision to leave the EU), and impacts every organisation which holds or processes personal data. It introduces new responsibilities, including the need to demonstrate compliance, more stringent enforcement, and substantially increased penalties than the current Data Protection Act (DPA) which it supersedes.
At Traveller Assist, we are committed to protecting and respecting the privacy of individuals, and take our obligations under data protection legislation seriously. We already manage personal data in accordance with industry standards, including HIPAA and ISO 27001, and we welcome the high standards that GDPR will promote, and encourage across all organisations.
Traveller Assist collects only the personal information of individuals that it requires to provide effective emergency assistance at the time of activation. All information is collected via an encrypted email system, and is stored on a secure server only for the duration that it is required. No personal data is kept longer than necessary.
It is important to recognise that compliance is a shared responsibility and all organisations will need to adapt business processes and data management practices.