If you’re starting to get ready for GDPR here’s a quick check list of to-dos.

1. Make sure someone senior is responsible for data privacy to illustrate that  the organisation is taking it seriously.

2. Investigate your current security and privacy processes and review contracts with third party suppliers and customers to meet the requirements of the GDPR.

3. Make sure to identify Personally Identifiable Information (PII) and personal data that is being collected and secure it.

4. Review how this information is being processed, managed, shared, stored and changed.

5. Verify partners/suppliers with whom you disclose data.

6. Establish procedures to respond to individuals/ ‘data subjects’ when they exercise their rights.

7. Conduct a Privacy Impact Assessment (PIA).

8. Create processes for data breach notification activities.

9. Have an ongoing program to make employees aware to ensure continual compliance with GDPR.

10. Add clear information on procedures to internal policy documents as well as to handbooks for new employees.

11. Add GDPR must-do's to the data protection policy document you get all employees to sign when they join.

12. Make sure website Terms of Use have full disclosure on why and how data is stored.

13. Have a final usability check on your website to make sure all data collection touch points are fully compliant.

14. Email your mailing list to tell them what you have done to be GDPR compliant to make sure they know and to allow them to opt in for the things you want to continue mailing them for.



No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Monday, 21 October 2019
If you'd like to register, please fill in the username, password and name fields.

Member Login

Business Insights & Tips


Jill Holtz
2244 Points
Tena Glaser
1394 Points
Michael Lane
802 Points
Ron Immink
732 Points
Fionan Murray
721 Points
View Leaderboard