At the end of the session Helen talked through the 12 steps to “fast track” GDPR – and here they are, with some helpful links. Remember that documentary evidence of how you comply with the GDPR is key.
- Decide on legal basis of processing (consent, legitimate interest, contract)
- Audit your data and produce a record of processing: what you have, where it is, who has access to it, and how you protect it. Useful link here
- Decide how long you are going to keep data (Retention Policy)
- Audit your IT Security
- Look at your 3rd party contracts (data processors)
- Get a new draft for client contracts (data sharing clause/controller to controller agreement)
- Clean up your data in line with your new policies and inform of legitimate interest or obtain consent (depending on what you decide)
- Look at your marketing data (understand the requirements of the PECR)
- Create a process for dealing with data subject access requests
- Define your process for detecting and reporting breaches
- Train your staff
In addition, if you’d like to discuss getting your company GDPR compliant, contact a Jobscience expert here.