GDPR relates to the personal data that you hold and process in your business or organisation.
Here at AW Training and Compliance we’ve put together a checklist to help you understand the laws and the ongoing work you need to do to ensure continued compliance:
1. Know your personal data
You need to be able to demonstrate how personal data is collected, stored and processed within the organisation. Do you have a Record of Processing in place?
2. Privacy notices
How is consent to use personal data of clients requested and recorded in your business or organisation? Are you transparent with prospects, clients and employees about what you will do with personal data you collect?
3. Personal data management
The personal data you hold must be relevant, accurate and up to date. Do you know what to keep and what to destroy?
Personal data must be handled responsibly. Are your devices encrypted and have you considered who has access to the data?
5. Handling a personal data breach
Do all staff understand what can be defined as a personal data breach and how and when to report it?
6. Acting on Data Subject Requests
Prospects, clients and employees all have rights to access or erase their personal data, correct inaccuracies and object to processing, if they wish. Do you understand the processes to follow in such a scenario?
7. Are your suppliers GDPR compliant?
Are appropriate written contracts in place with third parties that process personal data on behalf of your business or organisation?
To discuss any of the points raised here and how AW Training and Compliance can help, contact us on 01257 460081 or email firstname.lastname@example.org