GDPR Shepherd


Compliance

The Information Commissioner's Office (ICO) has defined 12 steps to compliance.

Steps Towards Compliance

1. Awareness

You should make sure that decision makers and key people in your organisation are aware that the law has changed to the GDPR. They need to appreciate the impact this is likely to have.

2. Information you hold

You should document what personal data you hold, where it came from and who you share it with. You may need to organise an information audit.

3. Communicating privacy information

You should have reviewed your privacy notices and put a plan in action making any necessary changes for GDPR implementation.

4. Individuals’ rights

You should have checked your procedures to ensure they cover all the rights individuals have, including how you delete personal data or provide data electronically and in a commonly used format.

5. Subject access requests

You should have updated your procedures and implemented a plan for handling requests within the new timescales and providing any additional information.

6. Lawful basis for processing personal data

You should have identified the lawful basis for your processing activity in the GDPR, documented it and updated your privacy notice to explain it.

7. Consent

You should have reviewed how you seek, record and manage consent and whether you need to make any changes, and refreshed existing consents if they didn’t meet the GDPR standard.

8. Children

If needed, you should have put systems in place to verify individuals’ ages and to obtain parental or guardian consent for any data processing activity.

9. Data breaches

You should have made sure you have the right procedures in place to detect, report and investigate a personal data breach.

10. Data Protection by Design and Data Protection Impact Assessments  

You should have familiarised yourself with the ICO’s code of practice on Privacy Impact Assessments as well as the latest guidance from the Article 29 Working Party, and implemented them in your organisation.

11. Data Protection Officers

You should have designated someone to take responsibility for data protection compliance and assessed where this role sits within your organisation’s structure and governance arrangements. You should have considered whether you are required to formally designate a Data Protection Officer.

12. International

If your organisation operates in more than one EU member state (i.e. you carry out cross-border processing), you should have determined your lead data protection supervisory authority. Article 29 Working Party guidelines will help you do this.


Contact

GDPR Shepherd
The Royals
353 Altrincham Road
Sharston
Manchester
M22 4BJ

+44 (0) 161 7110103

info@gdprshepherd.co.uk

VPM Data Protection Company No: 11112285

GDPR Software – Data Protection: ZA328375


Copyright © 2019
