
GDPR Checklist

Are you prepared for GDPR? GDPR has been in force since 25th of May 2018, and you should not neglect the impact that non-compliance may have on your operations.

 

Have a look at the checklist below and see where you stand right now:

1. C-Level Awareness

The managing personnel of your company understand the importance of the regulation and the challenges of becoming compliant. Professionals have already been nominated to take responsibility, on behalf of your organization, for meeting all GDPR requirements.


2. Gap Analysis

You have completed a gap analysis to check exactly where your company stood on its path to becoming compliant, and you periodically monitor your progress against it during GDPR implementation in your organization.



3. Stakeholders’ Assessment

If you collect personal data of your clients and then transfer it to a third party, such as your vendors and suppliers, then they also have to be compliant with GDPR. If this is your situation, you have made sure that you have the appropriate contracts with them and that you are conducting due diligence procedures.



4. Roadmap

You’ve defined a detailed plan of the improvements to current operations that GDPR required, and you update it regularly with the activities that are not yet started, in progress or completed, and with the professionals who were or are responsible for each. In this way, you can easily monitor progress and provide evidence of improvements.



5. Data Inventory

First, you’ve identified the stakeholders that processed your clients’ personal data. Second, you found out what kind of data they were collecting and for what purpose. Third, you tried to minimize this list by getting rid of some data types. Have you already gone through all these steps?



6. Data breach response

You’ve identified who must be notified within the company once a potential breach has been discovered or reported. You’ve also considered the following three general steps: planning to detect and contain an incident; steps for breach response (including notification if necessary); and cyber insurance.



7. Training

You’ve made sure that all your employees understand GDPR, its importance, its implications (in case of non-compliance) and their obligations.



8. Confirmation of compliance

You’ve invited your Data Protection Officer (DPO) and legal advisors (internal/external) to review your readiness and let them present their conclusions.



 

The above are just several of the most important GDPR requirements that need to be considered. If you’d like to re-assess your entire GDPR compliance status and make sure that, in case of an external audit, you can show comprehensive documentation covering all areas impacted by GDPR and your progress level, subscribe to www.gdprq.eu and get exactly what you need: a full assessment report on GDPR status in your organization together with tailor-made recommendations for further steps where required. Check it now.


Website last modified: 2018.09.21