The General Data Protection Regulation has been around for a while now (almost six years!), but compliance is just as important as ever. So, you and your business need to make sure that you're clued up and continue to adhere to the regulation.
With that said, we’ve compiled ten of our top GDPR tips that can help you mitigate data protection weaknesses where you work.
- Make sure everyone is aware of the legislation (GDPR), particularly anybody who handles data.
- For some organisations, it’s a requirement that they document the personal data that they hold. For example, document where you received it from and who you are sharing it with. However, even if this isn't required, it’s good practice.
- Review your privacy notices regularly. If you change how you collect and process data and your notices no longer reflect it, you could be at risk of fines and penalties.
- Review your procedures and make sure that they cover all of the rights granted to individuals, including how you go about changing personal data and how you provide data electronically and in a commonly used format to individuals.
- Update your procedures and plan how you will handle requests to delete an individual’s information.
- Identify the lawful basis for your processing activities under the GDPR, document it, and include it in your privacy notice.
- Review whether you need consent, and if you do, how you seek, record, and manage it, and whether you need to make any changes.
- Think about whether you need systems in place to verify individuals’ ages and to obtain parental or guardian consent for any data relating to children.
- Make sure you have the right procedures in place to detect, report, and investigate a personal data breach.
- Designate someone to take responsibility for data protection compliance and assess where this role will sit within your organisation’s structure and governance arrangements. For some organisations, this will mean appointing an official Data Protection Officer (DPO), but even if you don’t need one, you should have a person, or team of people, responsible for overseeing data protection within your organisation.
Online GDPR Training
Need to get staff up-to-speed with their GDPR responsibilities? We've got you covered! Here at iHasco, we offer a range of GDPR & Cyber Security Training Courses that will give your staff the knowledge they need to help your business work towards compliance.
Ready to get started? Great! You can claim a free, no-obligation trial to any of our courses today! Or if you'd like to know how we can help you with your specific training requirements, request a bespoke quote today and we'll be in touch shortly.