General Data Protection Regulation
By : Nick -
25 May 2018 is the date you need to remember this is when things are set to start. Are you ready?
There are 12 steps;
- Awareness - Are your key decision makers aware of the requirements
- Information - what data do you hold, where did you get it from and who do you share it with.
- Communicating privacy information - have you reviewed your current privacy notices?
- Individuals rights - Check your procedures and processes on handling data and deleting it if you need to
- Subject data request - are you processes appropriate?
- Lawful basis for processing personal data - can you process data and have you documented your lawful right to do so.
- Consent - review how you seek manage and record consent.
- Children - Do you verify the age of individuals? should you have systems in place to manage this.
- Data Breaches - what will you do if you identify a data breach? How will you report these?
- Data Protection by design and data protection impact assessment - Have you reviewed the ICO ode of practice on Privacy impact assessments and latest guidance from the article 29 working party?
- Data Protection officer - have you appointed someone? they will need to take responsibility for all data protection matters.
- International - If you work within more than one EU state you will need to determine who is in charge of overall data protection requirements.
For advice and guidance on the General Data Protection Regulation, please feel free to contact us.