Are you GDPR ready?

The subject that’s been hot on the lips of organisations nationwide is finally here. GDPR legislation comes into effect from Friday 25th May and independent body, the ICO, states that “anyone with day-to-day responsibility for data protection” needs to be ready…are you?

Remember to think about:

  • The kinds of personal data you hold and for whom, as well as where it came from, and when. Is it up-to-date?
  • Where your data is stored and how to access it.
  • Reviewing how you seek, record and manage consent when collecting people’s personal data.
  • Your Privacy Policy; have you made any required changes in line with GDPR, and have you shared your policy with the relevant people/organisations?
  • How you would detect, report and investigate any data breaches.
  • Appointing a Data Protection officer (DPO). Not all organisations require one, but some are obliged to formally designate a DPO.
  • Whether you’re registered with the ICO and familiar with the ICO’s code of practice on Privacy Assessments as well as the latest guidance from the Article 29 Working Party.

Need more information? Visit the ICO’s website here for more tips and tools for helping you to assess what your organisation needs to have in place for GDPR compliance.

References:

https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/