
GDPR – do you think you are compliant yet…?


The General Data Protection Regulation (GDPR) came into force on 25th May 2018, and you’re probably sick of hearing about it, with all the ‘health warnings’. Now that the date has come and gone, you’re probably saying, ‘What was that all about?’. Fair point. However, if you are one of the many organisations in any sector (public, private, business, academia, hospitality, manufacturing, sales, services, trade; the list is endless) that have not acted on, or have indeed ignored, the new data protection laws, you will eventually have to become GDPR compliant.

At the very least, you need to do the following:

  • Understand your data and data protection business environment and attitudes
  • Appoint a Data Protection Controller / GDPR Champion
  • Identify Data Processors (if any)
  • Identify Data Subjects and recipients of personal data
  • Confirm what data protection policies / procedures are in place (if any)
  • Identify and list the personal data / categories that the organisation holds, both manually and automatically i.e. on IT systems / computers, servers or website (this is an inventory of what personal data you have)
  • Confirm if / that it is personal data
  • Ask how was / is this personal data collected / gathered / received
  • Confirm basis for holding this personal data
  • Confirm how long this personal data is in place
  • What is / are the processing operation(s), and are there any exemptions that apply to the processing?
  • Identify and list current and existing personal data processing / processes (manual and automated)
  • Confirm basis for processing this personal data
  • Ask who has access to this personal data
  • Is this ‘High Risk’ to the rights and freedoms of natural persons?
  • Identify and list current and existing personal data processing security practices
  • Is there a need to consult with, or report any past / current breaches to, the Data Protection Commissioner?
  • Review employment contracts
  • Identify commonalities between personal data & the processing of this personal data with respect to GDPR
  • Does the processing of this data comply with GDPR Principles?
  • Do any specific rules apply, i.e. is any of the personal data sensitive data?
  • Are Data Subjects’ rights being respected and their wishes granted under GDPR?
  • Publish a list of personal data processing operations which are / may be subject to the requirement of Data Privacy Impact Assessment(s) (DPIAs)

 

A GDPR Audit target…it could be you…!
