Category: DISC Webinars
Sam: Your S-style Co-Worker
Our S-style co-workers are steady and dependable, but they can frustrate us with their resistance to change and indecisiveness. Can we work better with them by understanding their behavioral style?
Ian: Your I-style Coworker
I-style co-workers create a positive work environment, but they can also frustrate us with their disorganization. How does improving our understanding of I-styles help us to work better with them?
Diana: Your D-style co-worker
We all know or work with a D-style person. They view their job as a competition to be the best. Improving our understanding of D-styles can help us work better with them.
Managing Your Team More Effectively Using DISC Leadership Tools
Managing people is definitely one of the most challenging jobs around. The My Team Report: Manager’s Playbook is specifically designed to help a manager lead his/her own team more effectively.
Identifying the DISC Styles of Others
One of the strengths of the DISC model is that it gives you the ability to identify the DISC styles of others. If you are able to recognize others as a D, I, S, or C style, then you have more information with which to interact with them better.
$24 Million Question: Are Your Assessment Tools GDPR Compliant?
The European Union’s General Data Protection Regulation (GDPR) began enforcement on May 25, 2018. Is your organization prepared?
Has your inbox been flooded with updated privacy policies from your Internet accounts like Google, Facebook, and LinkedIn? The massive new regulation directly affects all European Union (EU)* citizens, regardless of where they are living. The GDPR could have a huge impact on how your organization is required to protect an individual’s data, even if you are not based in the European Union (EU). There is a massive $24 million penalty for non-compliance.
What is it?
It is the EU’s new and expanded data privacy law, replacing the designed to protect consumers in the current era of cyber attacks and data leaks. It essentially moves away from “privacy by default,” increases security rules on how companies manage data, and allows individuals more control over personal data.
Data related to a natural person can be anything from a name, a photo, an email address, bank details, posts on social networking websites, medical information, or a computer IP address. It will now be necessary to document a data entrustment and storage agreement before using your system.
How does this affect your organization inside and outside the EU?
You may be surprised how likely it is that the GDPR will affect you even if you are not in the EU. The biggest change is the extended jurisdiction of the GDPR, as it applies to all organizations processing the personal data of EU data subjects, regardless of the organization’s location and regardless of where citizens are based. In addition, if your organization supports businesses that have customers who are EU subjects, then your organization is required to be in compliance.
What is my organization’s responsibility in handling data?
Individuals have been accorded more privacy rights concerning their data. Companies are only allowed to collect data if they have a “lawful basis,” which could mean a legal agreement or explicit consent of the individual. The consent must be in plain language and clearly identified; no more hiding in “Terms and Conditions” legalese. It must be as easy to withdraw consent as it is to give it. In addition, there needs to be clear transparency to the individual as to what the data is being used for; electronic copies of the data must be provided upon request. Individuals are also able to give that data to anyone they choose.
Individuals have the right to be forgotten by withdrawing consent or directly requiring you to delete the data. They can ask you to erase their personal data, cease further dissemination of the data, and potentially have third parties halt processing of the data. The conditions for erasure include the data no longer being relevant to the original purposes for processing, or a data subject withdrawing consent; this right requires controllers to compare the subjects’ rights to “the public interest in the availability of the data” when considering such requests.
Your organization needs to be in compliance with how you secure the data and cannot hold on to the data longer than necessary. You must comply (outside of health care and law enforcement, etc.) when the individual requests their data be deleted. In addition, you are required to provide documentation of how data is handled and report data breaches to authorities within 72 hours of discovery.
Companies can be fined up to 4% of annual global turnover or €20 Million (whichever is greater).
Companies may very well be required to have a designated data protection officer (DPO) who manages the internal record keeping requirements; mandatory only for those controllers and processors whose core activities consist of processing operations which require regular and systematic monitoring of data subjects on a large scale or of special categories of data or data relating to criminal convictions and offenses.
How Extended DISC is GDPR compliant
Extended DISC has been preparing for the GDPR since it was published in 2016. We are in compliance with the GDPR, including individuals’ right to access data, right to rectify inaccurate data, right to erase data (‘right to be forgotten’), right to restriction of processing, and right to data portability.
We have performed the extensive data audits required by the GDPR to ensure that not only does our assessment platform fulfill all technical and documentation requirements, but that our organization meets the GDPR requirements. Our assessment platform, the FinxS System, and our organization, in the role of the data processor, comply with the GDPR requirements, including the GDPR principles of:
- Integrity and confidentiality
- Lawfulness, fairness and transparency
- Purpose limitation
- Data accuracy and minimization
- Storage limitation
- Accountability
- Data risk and impact assessment
There are numerous, stringent data security and technical requirements that an assessment system must meet in order to be GDPR compliant. In addition, the assessment system must be able to document all activities such as recording all login attempts, deletion of data, data security measures, etc. Of course, the system must be able to document that a respondent has provided the lawful basis to collect any data in the first place.
How about the EU-US Privacy Shield Certification? Is it enough for GDPR compliance?
Many U.S.-based companies mistakenly think the EU-US Privacy Shield is simply a mechanism that enables participating companies to meet the EU requirements for transferring personal data from the EU to the US, but it is not. In order to be GDPR compliant, data processors such as assessment tool providers must follow much stricter regulations to avoid potentially very costly consequences for their clients.
*The EU countries include Austria, Belgium, Bulgaria, Croatia, Republic of Cyprus, Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, Sweden, and currently, the United Kingdom.
Using DISC in Conflict Resolution
Conflict resolution using DISC can be an effective way to improve and develop interactions between two individuals.
Building DISC into your Organizational Culture
How can DISC help us manage our employees more effectively at an organizational level?
Identifying and Presenting DISC Profiles
At Extended DISC we are often asked how to identify and explain profiles. Specifically, we are asked about a person’s hardwired behavioral style and their perceived need to adjust behavior, and also about what happens when DISC profiles are invalid and cannot be generated.