• GDPR tips
August 1, 2017
01 Aug 2017

Top 12 Tips for Getting Ready for GDPR

A new data privacy law, the General Data Protection Regulation (GDPR), comes into force in May 2018 overhauling current data protection legislation. Under the General Data Protection Regulation, data protection law will be significantly lightened and individuals’ rights to bring claims will be strengthened.

The new regulation will impact all business sectors; see our Summer Covernotes newsletter to read more about why all businesses need to be aware of GDPR or continue on to read our top twelve tips to help you get ready for one of the biggest changes in data regulation for many years

 

1. Make people aware

Ensure key people and decision makers are aware of the impact this is likely to have.

 

2. Document your information

Document the information you should hold, where it came from and how you used it. Create an information audit if you need to.

 

3. Communicate

Communicate your privacy notices and update if necessary in readiness for the implementation of GDPR.

 

4. Check procedures

Check your procedures to cover the rights of individual’s data, including how you delete records and how you transmit data.

 

5. Make a plan

Plan who has access to data records and who has the ability to amend and update records when required. This ensures a transparent audit trail of who is using the data and for what purpose.

 

6. Confirm the legal basis

Confirm the legal basis you have for using the data you hold and document it.

 

7. Review ways of obtaining data

Review the way you obtain data with particular regards to obtaining and recording consent to use it from the individual.

 

8. Verify your data

Plan how you verify ages of individuals when data gathering to ensure if dealing with minors, parental/guardian consent is obtained and recorded.

 

9. Be prepared for data breaches

Ensure you have procedures in place to detect, investigate, and report a personal data breach.

 

10. Understand

Use the guidance of Privacy Impact Assessments to understand how to implement them within your business.

 

11. Be responsible

Designate a Data Protection Officer, if necessary. This must be a responsible person as the role should sit within your company governance arrangements.

 

12. Be aware of international data regulations

If you deal internationally, you will need to determine which data protection supervisory authority you come under.

 

Our advice to businesses is act now – ensure you are ready to comply with GDPR when it comes into force in 2018. Make sure to check back with our website in the following months to keep updated on the matter or get in touch with our team.

 

 


0 Comments/in Latest News /by /#permalink
0 replies

Leave a Reply

Want to join the discussion?
Feel free to contribute!

Leave a Reply

Other News

Merthyr Tydfil Institute for the Blind

Merthyr Tydfil Institute for the Blind is our nominated charity - to find out more please visit their website www.mtib.co.uk

Creative Risk Solutions Limited is a wholly owned subsidiary of Circle Insurance Services Ltd.

© Copyright - Creative Risk Solutions Ltd. Authorised and regulated by that Financial Conduct Authority (FCA). Registered in England and Wales. 5506143.

The Financial Ombudsman Service [FOS] is an agency for arbitrating on unresolved complaints between regulated firms and their clients.

Full details of the FOS can be found on its website at www.financial-ombudsman.org.uk

Registered Office: Pod 1, Capital Shopping Park, Leckwith Road, Cardiff, CF11 8EG