GDPR Preparation and Record Keeping

Previously we mentioned that the new EU General Data Protection Regulation (GDPR) is being introduced, with the deadline for compliance being 25th May 2018. Considering all that the legislation entails, that is not long at all – we advise every business to start preparing now. In anticipation, we have put together a GDPR series of blogs and briefings, detailing the Regulation, the Key Impacts and next steps to ensure your business is compliant come 25th May 2018.

How to keep records within your organisation

Organisations employing more than 250 staff must train and employ a data protection officer and fully comply with strict record-keeping guidelines set out in the GDPR. Smaller organisations need not employ a data protection officer but, depending on the nature of the data held, must also comply with certain record-keeping measures.

Your GDPR Preparation Strategy

  • Small businesses may find it harder to cope with budgeting for this new piece of legislation – starting earlier and spreading the cost is the best tactic to take.

  • New procedures need to be introduced, such as security and breach notification – acting on these areas now will make the transition to complying with the GDPR smoother.

  • If you have over 250 employees and do not currently have a data protection officer, you need to hire one sooner rather than later.

  • Communicate with suppliers and other stakeholders to find out how they will protect your information.

  • Start planning how to respond to and process requests for data deletion such as the “right to be forgotten” or the “right for restriction”.

Planning

  • No two organisations are the same – plan and budget for implementation in your business

  • Create a tailored programme to address any gaps you have identified

Prioritising

  • Identify compliance actions presenting the highest risk

  • Begin with compliance actions with the highest risk and operational change items that will take the most time

  • Prioritise the items requiring action and move them up your list accordingly

Be warned – it is not an easy read…