Technical Writing | Techwriting | GDPR

Document your path to GDPR compliance

Enforcement of the new GDPR data privacy regulations begins in May 2018. It’s important that your GDPR compliance project team understands what user data passes through which systems and document that information to demonstrate compliance with GDPR.

As a technical writer I know how documenting compliance projects work:

  1. Compliance is a continuous process, it does not end when the first full version is signed off
  2. your Compliance documentation needs to be structured. Structured documents are easier to manage and allow you to update the content quickly and easily.

Design documentation for reusability

Documenting compliance requires collecting information from several sources. That could be across departments and various Subject Matter Experts. Much of the information will reveal how your company operates and could throw up some surprises. In other words, you may discover your network is not as secure as first thought.

You will need to invest time documenting your GDPR compliance, and my suggestion is to design the documentation in such a way that it’s reusable for future projects?

Content reuse is the practice of using existing content components to develop new “documents.” Any content can be reused (such as graphics, charts, media). You can reuse sections, paragraphs, sentences, or even words. It is easier to reuse graphics, charts, and media in their entirety than it is to use portions of them.

What topics should be covered

GDPR will produce an array of document Policy and Process titles. It may be worth checking what, if any documentation you may have in place. It could be possible to reuse some or all of the content.

Below is not an exhaustive list but a flavour of what you need to consider.

  1. Security Policy
  2. Risk Assessments
  3. Managing Incidents
  4. Managing Change
  5. How to manage a breach
  6. Reporting a Data Breach
  7. Privacy by design
  8. Anonymisation of data

Take steps now to design a structured GDPR compliance documentation strategy, and your business will reap the benefits.