GDPR and Ongoing Controls


Even though the 25th of May has come and gone, the process of GDPR is far from over. GDPR is an ongoing process, that continues year after year. The data protection directive requires small as well as bigger corporations to comply with the data security regulations.

The corporation can benefit from setting up business protocols, which will secure the handling of the personal data, to make sure there is a high standard of security control, and by deleting the data that is no longer relevant for the company.


An example is the HR area. Most companies have outsourced their data processing of employee salary to external bureaus. The company has extracted a DPA from this service, and in that way, they’ve complied with the data regulations.

But what about job applications? How can you secure the personal data that these contain, and that they’re handled by the relevant people and deleted when they’re no longer relevant?

Smaller companies can benefit from making one access for everything involving jobs and applications. You could do that by creating a separate e-mail account, that deals only with job applications. The people responsible for this account, will be the only ones with access, so that mails are not forwarded.

A control system is then put in place, so that mails are deleted every month. Job applications older than 3 months, can’t be saved, unless there is an agreement for keeping them longer.


Plandisc can assist with GDPR

Plandisc is a flexible tool, where you can design the annual circle calendar from scratch, with the ongoing controls relevant for your company. You can send reminders to the responsible people who are handling a specific task, and to those who need to take action, e.g. deleting mails that are no longer needed in the database.

With Plandisc, you also have the option to put a label on an activity, or task. In that way, you can label an activity red when it’s unresolved, and green when it’s resolved.

Plandisc can therefore be the tool, that enable a smaller business to comply with the GDPR, and at the same time be the documentation of business protocols, put in place to run the ongoing control.

Plandisc can also function in lots of other ways

Besides making your business more compliant, Plandisc can also be used as a tool in the annual calendar planning. Here, the flexible structure of the yearly planning cycle, can ensure that no events or activities collide with each other.

Disclaimer: The content in this article is not legal advice and are for general information purposes only.