Organisations

Coming May 25th 2018

The General Data Protection Regulation (GDPR) very significantly increases the obligations and responsibilities for organisations and businesses in how they collect, use and protect personal data. At the centre of the new law is the requirement for organisations and businesses to be fully transparent about how they are using and safeguarding personal data, and to be able to demonstrate accountability for their data processing activities.

12 steps to being prepared

1. Becoming Aware

Review and enhance your organisation’s risk management processes – identify problem areas now.

2. Becoming Accountable

Make an inventory of all personal data you hold. Why do you hold it? Do you still need it? Is it safe?

3. Communicating with Staff and Service Users

Review all your data privacy notices and make sure you keep service users fully informed about how you use their data.

4. Personal Privacy Rights

Ensure your procedures cover all the rights individuals are entitled to, including deletion and data portability.

5. How will Access Requests change?

Plan how you will handle requests within the new timescales – requests must be dealt with within one month.

6. What we mean when we talk about a ‘Legal Basis’

Are you relying on consent, legitimate interests or a legal enactment to collect and process the data? Do you meet the standards of the GDPR?

7. Using Customer Consent as grounds to process data

Review how you seek, obtain and record consent, and whether you need to make any changes to be GDPR ready.

8. Processing Children’s Data

Do you have adequate systems in place to verify individual ages and gather consent from guardians?

9. Data Protection Impact Assessments (DPIA) and Data Protection by Design and Default

Data privacy needs to be at the heart of all future projects.

10. Reporting Data Breaches

Are you ready for mandatory breach reporting? Make sure you have the procedures in place to detect, report and investigate a data breach.

11. Data Protection Officers

Will you be required to designate a DPO? Make sure that it’s someone who has the knowledge, support and authority to do the job effectively.

12. International Organisations and the GDPR

The GDPR includes a ‘one-stop-shop’ provision which will assist those data controllers whose companies operate in many member states. Identify where your Main Establishment is located in the EU in order to identify your Lead Supervisory Authority.

