GDPR checklist – the road to positive compliance and best practice data management

11 Dec GDPR checklist – the road to positive compliance and best practice data management

GDPR, a checklist

 

MyLife Digital, an organisation that empowers businesses and individuals to realise the meaning, value and power of their data, has compiled the ultimate GDPR checklist, which sets out activities you will need to consider – and act on – by the compliance deadline of 25th May 2018.

Organisation

  • My board understands and supports GDPR
  • We have checked we use plain English
  • We have assessed and updated our privacy policy
  • We have a data protection officer
  • We know which departments will be impacted
  • We have assessed the level of corporate risk
  • We understand how we communicate with our supporters
  • We can be fully accountable


Processes and systems

  • We know the source of all data
  • We know what data we are holding
  • We are transparent about the use and sharing of data
  • We can clearly demonstrate that we have consent to use this data
  • We have processes in place to delete data
  • We have systems in place to manage a data breach
  • We can comply with an individual’s right to portability 


Technology

  • We can provide details of all data electronically
  • All data is securely stored and safely encrypted
  • We can fulfil the ‘right to be forgotten’
  • All new technology has privacy by design built-in


Information and rights of access

  • We have updated all our permission statements and they are ready for GDPR
  • Individuals can easily find out what information we hold on them
  • We can verify individual’s ages and identify children for specific consent
  • We have developed template responses
  • We know what additional information needs to be collected to adhere to GDPR


Next steps

  • We have tested an individual’s experience when requesting consent
  • Individual’s can access their own data and update their preferences
  • We can put it right if we get it wrong
  • We can restrict profiling
  • All departments are fully aware of policies, procedures and the new GDPR regulations

 

Our current ‘Ask the expert’ report which focuses on GDPR has been produced in partnership with one of our Group Companies Response One and one of our Partner organisations MyLife Digital.

To read the report in full request your copy.

Talk to us if you want to learn more. 



Top