This checklist created by ICO highlights 12 steps you or your company can take in order to get ready for the General Data Protection Regulation (GDPR) coming into effect 25 May 2018.
The GDPR’s core principles are largely similar to what is seen in the present Data Protection Act (DPA). Therefore if you are already complying correctly with this then GDPR should not mean sweeping changes to your company policies. This being said, there are new concepts and meaningful progressions in GDPR therefore you will have to alter certain aspects and start afresh on others. The GDPR puts a greater onus upon documentation, keeping data controllers accountable and asking them to demonstrate this.
The 12 steps outlined in the article are as follows:
- Information you hold
- Communicating Privacy Information
- Individuals’ rights
- Subject Access Requests
- Lawful basis for Processing Personal Data
- Data Breaches
- Data Protection by Design and Data Protection Impact Assessments
- Data Protection Officers
Please click here to view the full article.