Checklist For GDPR Compliance – Are You Ready?
The General Data Protection Regulation (GDPR) requires compliance. It accounts for all the data protection responsibilities that your organisation needs to consider. It is essential to consider all aspects of the GDPR and to understand your role in it. It will impact those who are controllers of data and those who are processors of data. Here is a vital GDPR checklist to help you understand the compliance needed for customers or prospects.
Your GDPR checklist
1. Conduct a data audit
It is important to be fully aware of the way data is used in and around your business. Information audits are a way of gaining in-depth knowledge about your data and identifying risks. The risks may include how, for how long, and where information is held or transferred. An audit can also categorise the data and determine any sensitive information. Think of it like producing a map of data flows and highlighting strengths and weaknesses that help your business.
2. Keep a record
Keeping a record of the data is crucial. There need to be well-maintained reports detailing processing activities. This will allow GDPR compliance to be managed efficiently. Completing an Information Asset Register is wise. This details the assets, what they do, locations, owners, access, retention, and other aspects of data protection.
3. Understand the law
Be aware of the lawful basis for the personal data that you process. The majority of the lawful bases for processing data require the processing to be deemed necessary. If you can achieve the job without processing the data, then it is not considered a necessity. If the purpose of handling the data changes, make sure this complies with the regulation.
4. Ensure consent
Make sure you know the consent process, and how you request permission. Consent is vital as it is a legal requirement. The permission for data needs to be obvious, clear, and in a place that is apart from your terms and conditions. Consent must be via an affirmative opt-in method, and easy to understand. The individuals whose data you are handling need to know precisely what will happen to it and that withdrawal is allowed at any time.
5. Make withdrawing records easy
Keeping records of consent helps to meet high GDPR standards. Records will often have to include how you obtained consent, and when. As well as this, organisations should implement regular reviews of approval to make sure it is still appropriate. It should be easy to withdraw consent, and you should act on withdrawals promptly. No one should feel as though he or she cannot remove consent.
6. Show your commitment to privacy
Privacy notices should be prominent, and readily available. This allows the individual whose information is being controlled to know who has their data, why, and what will happen to it. Privacy notices need to be in a language any individual can understand, and in a place that is easily accessible.
Queries about data protection need to be answered quickly, with a procedure in place to deal with them. It is recommended to have timescales for responses, and training for staff so that they are able to manage responses and meet the needs of the data owner.
7. Data disposal
Allow for a method of removal and deletion. Make sure that there is a process in place for the elimination of information when the time for retaining the records is over. It is helpful to set up a procedure for information deletion requests, and for those who will assist in the disposal of the data. The contract must include measures for this.
8. Review your policy
Your business must hold, monitor and review a thorough data protection policy. This will allow for security maintenance, and show whether the policy is being implemented efficiently. The plan needs to be managed, published, and distributed to all staff. It will need to be reviewed to make sure it is still relevant and is still an effective policy.
9. Perform a DPIA
As well as your policy, you should review your data collection and storage. This will identify ways of reducing the amount of data that needs collecting and processing. This may also include a review of how the process takes place, and whether any features of the process need to be updated or require further analysis. Performing a Data Protection Impact Assessment (DPIA) will help minimise the privacy risks that you could avoid when processing unnecessary information. Hefty fines can be a result of a poorly conducted DPIA.
10. Appoint a DPO
Assign a Data Protection Officer (DPO), and train staff in the necessary aspects of the GDPR. The DPO will have to have communication with the business's Information Commission Officer (ICO). This individual will be responsible for the designation of data protection accountability.
Awareness of information security must be upheld at all times, with careful consideration of all aspects of risk. This will include issues such as data sharing abroad, such as in and around the European Economic Area. It also includes reviewing and managing the security within the technology itself.
Get your checklist ticked
If your business needs support with getting GDPR off the ground, then speak to the experts at Cyan Solutions who can help to prepare your business and help you to achieve GDPR compliance. For friendly, professional advice, get in touch with the team today.