How should organisations prepare for the GDPR? - Jaz'ing Up GDPR!
 Login | Forgot Password | My Account | Contact

How should organisations prepare for the GDPR?

Becoming compliant with the GDPR does not happen overnight. This is especially true if you’re starting a new business or organisation, or adding a new data-related department.

You must put procedures in place to deal with the GDPR’s Regulation.

Here are some useful things to get you started.

  • Build awareness. From your most junior member of staff to board level, ensure everyone is aware of the Regulation and their responsibilities – what they need to do and when.
  • Map your data. What Personal Data do you hold? What’s its purpose? Where is it stored? Where did it come from, and who do you share it with? For this type of fundamental data audit, having the right tool in place to help you map, visualise and manage your data can make life so much easier. Don’t ever assume you know what Personal Data is being held. All staff should be asked to contribute to this exercise, as you will probably find people holding Personal Data on Data Subjects you never realised they had.
  • Consider if you need to have a designated Data Protection Officer. Decide who will take responsibility for compliance and where this role will sit within your organisational structure. For many organisations, this will involve formally appointing a Data Protection Officer. Personally, I feel if you can’t think of a good reason not to have a Data Protection Officer, then it’s probably a good idea to have one!
  • Generate or review your security breach prevention procedures. This will involve a security audit to ensure the data protection measures your organisation has in place, or is putting in place, are adequate, so you can detect, respond to and report breaches, in accordance with the Regulation. This might sound like a mammoth task, but after you have done it once, things will be much easier in the future.
  • Generate or review and refresh your consent procedures. Look at how you obtain, record and manage consent from Data Subjects. Consider whether any changes are needed to your existing procedures. The same applies to your privacy notices.
  • Do you help individuals exercise their rights? If a customer asks for a copy of the data you hold on them, could you provide it? What will happen if someone asks you to delete or transfer their data to another party? Review your infrastructure and procedures so you can comply with such requests, quickly and efficiently.

The golden rule is to “get started” – and take the time to ensure you’re becoming compliant, rather than just ticking boxes. The GDPR is not about ticking boxes or getting a certificate, it’s about building good data protection procedures and processes that work.

The GDPR will become an essential component of your organisation’s culture. It will simply be the things everyone does as part of providing a great service to your clients and customers.

Where can I find out more information about {term}?

The Jaz'ing Up GDPR! book covers {term} in more detail in a fun and easy to understand way without all of the bureaucratic legalise that is common in all other books and discussions about the GDPR.

The book is full of cartoons and call outs to make it easier to grasp what GDPR is all about and is split into 3 main sections.

  • GDPR Nuts and Bolts explains everything you need to know about the GDPR and {term}.
  • Staff Toolbox that is designed for staff who work with personal data and need to get a grounding on the subject.
  • Your Rights as a Data Subject is written from the point of view of the individual person who is affected by the GDPR so that they know there rights and the types of things they will be asking for.

Find out more about the book here.

Was this answer helpful?
No 0
The information provided on this website is for educational purposes only and does not constitute legal advice. We recommend that you take the appropriate legal advice where you think it is needed.


Our website uses cookies. By continuing to use our site you are agreeing to our Cookie Policy. Please press the Accept button to allow our website to use cookies to provide you with the full features available.