Issue link: https://maltatoday.uberflip.com/i/1055420
maltatoday | SUNDAY • 25 NOVEMBER 2018 G15 GAMING Nevertheless, if one looks at Blockchain from a different perspective, one might even start to think that Blockchain can promote the right to be for- gotten. For instance, if Block- chain networks are spread out, they are less likely to become a victim of cybercrime and hav- ing one's information spread on the web permanently. Do you feel your clients are aware of legislation regulating data privacy? Do they appreciate what rights they enjoy, what protection they can seek, and what it applies to? With the clock ticking and fines of up to 4% of total world- wide annual turnover for fail- ing to comply with the re- quirements of GDPR, we had to enhance our existing data protection systems and secu- rity to be ready for the new regime. We carried out a revi- sion of our current business and personal data processing, including an analysis of inter- nal guidelines, working proce- dures and manuals, employee's data processing and personal data, our contractual relation- ships with persons involved in processing, including other business partners to ensure the information, processes and procedures in place were in compliance. The installation of GDPR certified software tools and technology was the next step, as well as intensive train- ing to staff and team members. In-depth understanding of the evolution of data laws, areas of risk and translating vague con- cepts into practical and work- able actions to our clients was key. This new legislation, was not just a tweak, it took data privacy and the responsibility of organisations to a whole new level. The regulation requires new processes to be imple- mented to respond to individu- als' requests to see their data. Once our organisation was covered, next was notifying our corporate clients about this change together with the law, their rights, obligations, the severity of fines and the main aspects and effects of GDPR in their business. As part of the process we further explained what personal data means, how we would collect, record, or- ganise, and store data and why we would need such data. Clear guidelines were issued requesting written and af- firmative actions with opt out options. We explained they would need to monitor and re- port data breaches within the seventy two hour timescale, requiring expertise as well as proper internal processes and training. Above all, the law requires the ability to demon- strate data privacy approach through record keeping, train- ing and documentation. It is occurrences such as these that reconfirm our belief that in order to offer a comprehen- sive and holistic service as a law firm we must include ongoing training together with data au- dit and gap analysis services, both within the field of GDPR and beyond For further information, contact Gauci-Maistre Xynou (Legal | Assurance) of 147/8, St Lucia Street, Valletta, VLT 1185, Malta on email info@ gmxlaw.com and on their web- site www.gmxlaw.com This Q&A should not be construed as any sort of legal advice