We are committed to you and your business’s data
The deadline for the General Data Protection Regulation (GDPR) to take effect is May 25, 2018. By this date, organizations must be fully compliant with the new data protection regime for EU citizens. Non-compliance will result in more severe fines and penalties than those currently imposed for the Data Protection Directive that the GDPR is replacing. Whether the organization is a large corporation, an NGO or a church, it’s important to protect the personal data of clients, beneficiaries, employees and donors.
How will your translation process be affected by the GDPR? Every link in the chain that keeps your organization running needs to be GDPR compliant, including your Language Service Company (LSC). Your organization, as the “controller” of data, is obligated under the GDPR to ensure that the LSC, the “processor” of data, complies with its regulations.
5 ways GDPR will impact your translation process:
1. Following the Data
The GDPR impacts the way personal data is processed, stored and protected. Consent must be obtained from individuals for data collection, anonymity must be preserved, and the controller must keep records about what data it stores, where it’s stored and its path from one location to another. That includes personal data that is outsourced for translation.
2. Data Breaches
Organizations need to demonstrate that personal data is protected during collection, transmission, and storage. This extends to documents sent out for translation. As a data controller, your organization should be aware of how employees send and receive data for translation purposes — the system that the LSC uses to receive and process the data should have the same level of security.
The GDPR also requires data breaches to be reported in 72 hours; penalties for exceeding the time frame are very steep. It is essential that your LSC is aware of the rule and has a data breach plan in place.
3. Sensitive Data
The LSC should demonstrate that data is managed in a secure environment and that sensitive or restricted content will not be printed, stored or shared on devices that the organization hasn’t approved or can’t control.
Under the GDPR, individuals have the “right to be forgotten,” which assures them that their data will be erased on request. They also have the right to access information that has been collected about them, why their data is being processed, how long it will be stored and who has access to it.
To be ready to comply with these types of requests, the controller needs to know how the data is being treated across the supply chain, including the LSC.
Multiple file exchanges may be necessary to translate a document into several languages; much of the material sent out for translating is considered confidential.
It should be common practice for individuals and companies involved with translating for a project to have non-disclosure agreements on file. Requiring confidential information to be destroyed/erased when the project is completed is another potential safeguard.
At Dynamic Language, we continually upgrade our systems and software to ensure safe and secure transfer and storage of all your electronic files. Confidentiality of materials is strictly enforced through non-disclosure agreements with employees and contractors.
Our secure online Translation Management System, Access Dynamic, keeps all electronic files confidential and secure. Dynamic Language is also certified with the ISO 9001 and ISO 17100 international standards of the translation services industry. We are committed to complying with all applicable data protection laws.
Overall, it is essential to be informed about GDPR, how it will impact your organization, and what steps should be taken to ensure compliance. To learn more, fill out our contact us form and a dedicated project manager will be in touch with you shortly.