Preparations for GDPR
On May, 25th the new General Data Protection Regulations (GDPR) become law in the UK. One of the focal points of GDPR is the documentation of the company’s Policies and Processes which define how the company complies with GDPR, How are your preparations for GDPR progressing and where do you start?
Do you know . . .
- where on the Network personal data is currently stored and processed?
Locate all copies of personal data, including third-party processors or hosting providers not just your primary database locations.
2. the origins of your Data and if so have you tracked down the permissions associated with its collection.
If you purchased data, do you have permission to keep the data? If you need to keep the data, you may need to seek lawful approval from the data subjects.
3. if the Data you process – is it lawful?
Do you hold data that you have no right to keep or process? A simple solution here is to remove the data you do not need or should not hold.
4. that you must write the appropriate Policies and Processes?
My services can help you write the required Process and Policy documentation and help with the Process Analysis to draw the Process Mapping.
Do you have any experience of managing large documentation projects? If not you need expert guidance to produce the documentation that clearly defines your company’s compliance with GDPR. Make no mistake the GDPR Compliance project will take time.