How to prepare for the GDPR

Wed 24th May 2017

The GDPR comes into force on 25th May 2018, but organisations are recommended to start preparing for the changes as soon as possible to avoid non-compliance and ensure that any changes to processes and procedures can be tested, and that training can be implemented in good time.

Here is a list of some of the key items to consider and plan for when preparing your organisation for the General Data Protection Regulation:

  • Ensure understanding of the new GDPR obligations
  • Put in place HR, legal, IT and compliance teams
  • Carry out a data audit
  • Carefully assess current HR and marketing data, and related processing activities
  • Identify any gaps with complying with the GDPR
  • Marketing databases almost certainly will need to be cleansed
  • Review current privacy notices and update them
  • All information must be easy for individuals to understand
  • Assess the legal grounds for processing personal data
  • Check whether or not consent obtained meets GDPR requirements
  • Ensure procedure exists to assist prompt notification of any breach
  • Train employees to recognise and address data breaches
  • Put appropriate policies and procedures in place
  • Determine whether data protection officer must be appointed and think about how best to recruit, train and resource one

Want to know more?

Click here to view SA Law's dedicated GDPR hub page for more practical information, views and insight from our expert teams. 

CONTACT CHRIS

If you would like more information or advice relating to this article or an Employment law matter, please do not hesitate to contact Chris Cook on 01727 798098.

Read our latest views & insight about the GDPR
Read all GDPR related views & insights
GDPR Numbers Image SA Law
Views & Insights
The Future of Data Protection in the UK

'UK GDPR' - What is the Data Reform Bill?

Read More
SA Law Red arrow neon light image
Views & Insights
Data Protection and workplace coronavirus testing

Managing the data protection challenges of workplace coronavirus testing

Read More
GDPR Numbers Image SA Law
Views & Insights
EU-US Privacy Shield declared invalid

The European Court of Justice (ECJ) invalidated the EU-US Privacy Shield as an appropriate mechanism to meet the GDPR’s cross-border personal data transfer…

Read More
SA Law Red arrow neon light image
Views & Insights
GDPR: two years on

Chris Cook examines a recent report from the European Commissions review of the GDPR, two years on.

Read More
GDPR Numbers Image SA Law
Views & Insights
A new age: working from home and GDPR

What GDPR issues may arise from working from home and what you should do to reduce risk and stay compliant.

Read More
SA Law Red arrow neon light image
Views & Insights
Data protection and the coronavirus pandemic

Good news: The ICO provides clarity on common areas of data concerns during the unprecedented coronavirus pandemic.

Read More
SA Law Red arrow neon light image
Views & Insights
Data protection and school photographs

ICO shares guidance following two schools being reprimanded for distributing photographs of pupils without parents’ consent.

Read More
SA Law Red arrow neon light image
Views & Insights
GDPR one year on: make sure your small business is compliant

Chris Cook shares vital tips for SMEs who haven't done anything to abide by GDPR, and how they can start going about compliance.

Read More
Read all GDPR related views & insights
GDPR, Data & Privacy

SA Law's GDPR Assist

We can help you tackle the new data protection legislation head-on with a range of bespoke services including our fixed-price GDPR Response Toolkit.

Read More
GDPR, Data & Privacy

Get Compliant with SA Law

Everything you need to know about the forthcoming General Data Protection Regulation (GDPR) that is coming into force on 25th May 2018.

Read More
Read More