Return to site

Steps to prepare for GDPR

· In the media

On May 25, 2018, the European Union’s General Data Protection Regulation (GDPR) will go into effect. This new regulatory framework gives European consumers the ultimate power over all data companies ever saved and processed from them. Research of Pegasystems Inc. points out that 82 % of the consumers will appeal on this new right. GDPR has new elements, compared with the current Data Protection Act (DPA).

Some parts of the GDPR will have more of an impact on specific businesses, so it is necessary to be prepared. Do you already know the implications for your business? The next steps will help you prepare fot the GDPR.

1. Awareness. Develop company wide awareness of the legislation. Help colleagues and the board understand how it affects your business.

2. Audit your data. Document all the data of the company, where it comes from and with whom it is shared.

3. Review existing systems. Check your current privacy notes and prepare a plan for GDPR implementation.

4. Review procedures and contracts with suppliers.

5. Update the procedures and contracts for GDPR implementation and plan how you will handle requests.

6. Identify the lawful basis for processing personal data, document it and update your privacy notice in line with GDPR.

7. Review current search methods. Check how you record and manage consent and update if necessary.

8. Check if your organisation, when you offer online services to children, needs a parent or guardian’s consent in order to process this data lawfully.

9. Put your procedures in place to detect, report and investigate a personal data breach. And if you’re wise, you also think about preparing reputation management procedures.

10. Make yourself comfortable with the GDPR and check how and when you will implement this regulation.

11. Appoint a chief data officer to drive compliance eternally, and if required a data protection officer to assess the data protection requirements.

Source: Micro Focus

12 When you operate in more EU countries, determine your lead data protection supervisory authority and document this.

Are you ready to transform? Or did you get stuck at one of the steps? As part of becoming a futureproof company, Conn3ctly loves to connect you with the GDPR-specialist from our inner circle network. If you’d like to know more, feel free to contact us.

Source: ICO