The GDPR came into force on 25th May 2018
what should you have done by now to demonstrate compliance?
By now, you should have made some effort towards demonstrating compliance with the GDPR. We believe that the steps below form the basis of a solid compliance journey. They are by no means exhaustive however, you do need to make a start.
CONDUCT A DATA MAPPING EXERCISE
GENERATE RECORDS OF PROCESSING ACTIVITIES (ARTICLE 30)
CONSIDER IF YOU ARE REQUIRED TO APPOINT A DATA PROTECTION OFFICER
IDENTIFY HIGH RISK PROCESSING ACTIVITIES
CONDUCT A DATA PROTECTION IMPACT ASSESSMENT
REVIEW AND REDRAFT DATA PROCESSING CONTRACTS
REVIEW TRANSPORTED DATA FLOWS
REVIEW SECURITY MEASURES
CONSIDER ANY ACTION NEEDED TO COMPLY WITH NEW SUBJECT RIGHTS