Final Countdown to GDPR Compliance

The deadline for GDPR compliance is fast approaching, and once the regulation goes into effect on May 25, 2018, organizations will be expected to comply with its vast requirements. With steep penalties looming for those who are non-compliant, now is the time to determine whether this regulation applies to your company and, if so, to ensure that your organization is ready.

Navigating Compliance

GDPR states that companies must provide a “reasonable” level of protection for the personal data of European Union citizens, but “reasonable” is not specifically defined, leaving much of what compliance requires open to interpretation. To help identify areas for compliance, we have put together the following checklist. Our list is not exhaustive or industry-specific, but it can be used as a general overview to help businesses move towards compliance:

  1. Have you completed a Data Audit to assess what personal information is stored or processed through your systems, websites, etc.?
  2. Have you designated a data protection officer (DPO) to oversee implementation and ongoing compliance?
  3. Do you have a Privacy Notice?
    • Is it available online?
    • Is it scheduled for annual review?
    • Does it include details regarding any and all ways personal information will be used?
  4. Have you documented your basis for data processing?
    • Do you have a record of lawful basis for processing sensitive and non-sensitive personal data?
  5. Do you have documentation for record-keeping and retention policies?
  6. Have you set up procedures for due diligence with third-party vendors?
  7. What if your company experiences a breach?
    • Do you have a procedure in place to respond to and remediate the issue as well as notify affected parties?
  8. Have you implemented training for your employees?

Continuous Monitoring

As you make your final preparations for GDPR compliance, remember this is not a “set it and forget it” implementation. Compliance with GDPR should be continually monitored and adjusted as necessary. If you need help setting up your compliance procedures, please connect with us.

Michelle Mackey