25
THE KANSAS LIFELINE
July 2018
Now what?
Ultimately time will tell how the GDPR crosses the big
pond and makes a difference in policies in the U.S.
Generally, the initiative is a win for the individual. It
embraces practices that embody how a person’s data should
be handled. And although cities and water districts may not
need to act now, staying informed is critical. You don’t want
to be caught unprepared for yet another regulation!
handles customer data, your system should start
becoming familiar with these initiatives, if at least
at a high level bird’s eye view.
What should you know?
While the goals of this regulation are well-
intended, its wording leaves almost no room for
very many entities to do anything with data at all.
Many have described GDPR as a “moving target”
and no one knows how it will play out! While you
have fun watching on the sidelines, it’s important
to think about how in the future, stringent data
handling regulation might affect your procedures.
The most important preparation you can make
is to take inventory of all of your data. How do you collect
it? Where is it stored? Who has access to it? If you want to
go further, read “Data Privacy and Protection: Shut the front
door. And the back door”. See pages 86-87 in the March
2018 issue of The Kansas Lifeline.
You should know a few key terms that might be recycled
if the U.S. implements similar regulation.
Data Controller: This is you. It's a person/entity who
decides the purpose for which any personal data is to be
processed and the way in which it is to be processed.
Data Processor: These are third parties that process data
on behalf of the Data Controller, such as your website,
billing software, etc.
Transparency: You have an obligation to inform your
customers of how you use their data.
Consent: For some data, you can use it how you want if
you obtain the user’s consent. This is done explicitly, not by
making them uncheck a box to be excluded.
Think OPT IN, rather than opt out.
Performance of Contract: You might have
an important reason to use data, for example,
if you cannot fulfill an agreement with them
otherwise.
Privacy Notice: This is a thorough and
transparent explanation of your system’s
policies for using data. It’s important to have
one displayed prominently and available,
such as on a link on your website or in
emails.
Legitimate Interest: You might have an
important reason to use data if there is a legal
obligation or other mutual interest. This is a
vague concept that needs careful assessment
and justification to use without the users’
consent.
Right to be forgotten: The right to erasure
of personal data or “the right to be forgotten”
enables an individual to request the deletion
or removal of personal data whether there is
no compelling reason for its continued
processing.
Since 1997, Jen Sharp (JenSharp.com) has served
business and government across Kansas and the
US and even internationally, specializing in Web
development, design & programming including
e-Learning, ecommerce, content management
systems, and other small business solutions.
B&B Services
Since 1993 specializing in water control valves like: Cla-Val, Watts,
Ames, OCV. For all your valve needs, and more! With fair pricing,
6 mo. warranty, and sizeable inventory.
Over 20 years experience on rural water systems.
Services include:
Consulting, Scheduled Preventive Maintenance
and Emergency Services.
Call Rodney today for pricing, estimates, and references.
620/341-2698 cell; 620/364-8036 home.
Or e-mail bbservices@kans.com