GDPR To-Dos

If you’re starting to get ready for GDPR here’s a quick check list of to-dos.

1. Make sure someone senior is responsible for data privacy, to show that the organisation is taking it seriously.

2. Investigate your current security and privacy processes and review contracts with third party suppliers and customers to meet the requirements of the GDPR.

3. Identify the Personally Identifiable Information (PII) and other personal data being collected, and secure it.

4. Review how this information is being processed, managed, shared, stored and changed.

5. Verify partners/suppliers with whom you disclose data.

6. Establish procedures for responding to individuals (‘data subjects’) when they exercise their rights.

7. Conduct a Privacy Impact Assessment (PIA).

8. Create processes for data breach notification activities.

9. Run an ongoing awareness programme for employees to ensure continual compliance with GDPR.

10. Add clear information on procedures to internal policy documents as well as to handbooks for new employees.

11. Add the GDPR must-dos to the data protection policy document that all employees sign when they join.

12. Make sure website Terms of Use have full disclosure on why and how data is stored.

13. Have a final usability check on your website to make sure all data collection touch points are fully compliant.

14. Email your mailing list to tell them what you have done to become GDPR compliant, so that they know, and to let them opt in to the communications you want to keep sending them.

Source: business-achievers.com