The General Data Protection Regulation UK Spelling - Page 12

Checklist: what do you need to do right now? The list below, provides a number of areas for consideration prior to the May 2018 deadline. A review of these items will ensure that the processes and policies you have in place will minimise risk of non-compliance. Awareness You should make sure that decision makers and key people in your organisation are aware that the law is changing to the GDPR. Information you hold You should document what personal data you hold, where it came from and who you share it with. You may need to organise an information audit across the organisation or within particular business areas. Communicating privacy information You should review your current privacy notices and put a plan in place. Individuals’ rights You should check your procedures to ensure they cover all the rights individuals have, including how you would delete personal data or provide data electronically and in a commonly used format. Subject access requests You should update your procedures and plan how you will handle requests within the new timescales and provide any additional information. Processing software You should review your applications and tools to ensure that your systems, access rights and documentation processes are adequate for compliance. invenias powering your search for talent