How to prepare for GDPR: A few simple guidelines if you haven’t already started

How to prepare for GDPR: A few simple guidelines if you haven’t already started

25th May 2018

In Dataway we are busy helping all types of companies deal with the new legislation. Some have very little to do while others need a bit of help. Here is how one of our customers tackled it recently.

The overall aim is to be fully compliant by taking appropriate actions relevant to the amount of data and processing involved.

 

  • Decide on an owner for GDPR;
  • Make the whole organisation aware;
  • Assess the obvious potential areas of exposure;
  • Develop a plan, implement changes;
  • Document and keep records of everything you are doing (like your accounts except it is data instead of money).

 

Decide on the owner

Implementation of a GDPR compliance programme requires a reasonable amount of effort depending on what data processing you do so make someone senior responsible for it; let them identify the major stakeholders; assess the overall readiness of your company….we can help with this.

Then a must is to get genuine Management support. This is critical if you want to move on.

 

Companywide awareness

We have found this is one of the critical steps in the plan and best delivered early in the process. It means everyone is on board from early on. During almost all sessions we have found gaps that were not immediately obvious to the organisation themselves but came out at the awareness classes. We collate this and report back as part of the training.

 

Conducting an initial risk assessment

Next is to undertake an assessment of current practice – how and where the business collects, uses and shares personal data: decide what needs to be done about it, if anything, document it and have it auditable…Simple..

..or make Appropriate changes to make it compliant, maybe do it differently to make it easier on yourself ..

 

GDPR compliance action plan

Does something need to change? .. well let us plan out what you need to do and how high on the list is it.

 

Record and Audit

Are you keeping records and registers of relevant activities?  … This is so that in the event of an issue you can clearly demonstrate how you are taking appropriate level of action….  copying best practice is often an easy route to take.

 

That’s it …  you may not have much to do at all… Let us help.. initial free assessment is part of our service

Ciaran Molumby

[email protected]; Office: +353 1 676 0420; Mobile: +353 86 044 3902