ICO 12 Steps Preparing for the GDPR

This checklist created by ICO highlights 12 steps you or your company can take in order to get ready for the General Data Protection Regulation (GDPR) coming into effect 25 May 2018.

The GDPR’s core principles are largely similar to what is seen in the present Data Protection Act (DPA). Therefore if you are already complying correctly with this then GDPR should not mean sweeping changes to your company policies. This being said, there are new concepts and meaningful progressions in GDPR therefore you will have to alter certain aspects and start afresh on others. The GDPR puts a greater onus upon documentation, keeping data controllers accountable and asking them to demonstrate this.

The 12 steps outlined in the article are as follows:

  1. Awareness
  2. Information you hold
  3. Communicating Privacy Information
  4. Individuals’ rights
  5. Subject Access Requests
  6. Lawful basis for Processing Personal Data
  7. Consetn
  8. Children
  9. Data Breaches
  10. Data Protection by Design and Data Protection Impact Assessments
  11. Data Protection Officers
  12. International

Please click here to view the full article.