The entire General Data Protection Regulation (GDPR) revolves around the protection of personal data and how personal data can be used. Below we discuss the considerations you need to make when preparing your implementation to be GDPR compliant.
Depending on the type of your organisation and your activities, you may need to consider other emphases and obligations in order to comply with GDPR.
Review and define potential actions with regard to the following items:
Probably direct access to a large volume of Personal Data.
Probably direct access to a much smaller volume of Personal Data.
|Need for a DPO|When processing Personal Data on a large scale, repetitively, or when observing people or handling sensitive data.|
|Project leader|Appoint a project leader for the GDPR implementation process to ensure that all elements (relevant for your organisation) are covered.|
||Create internal awareness amongst your co-workers and instruct them on the new privacy-related procedures.|
||Which of your suppliers is processing Personal Data on your behalf or are you processing Personal Data on behalf of customers?|
||Document all your decisions related to handling Personal Data, informing Data Subjects or other GDPR elements.|
|Paper|In many organisations, the majority of employees are still handling paper-based information. Are you fully aware of where and how the organisation handles paper that might contain Personal Data?|
An organisation easily has over 10 different IT systems, internal or external to the organisation.
Each IT system has built-in security methods. In most cases (over 90%), these are not sufficient to ensure GDPR compliance.
A DPIA (Data Process Impact Analysis – see 4.3) is an instrument to review this.
|Principles of processing|How to address (see also Principles of processing Personal Data):|
|GDPR versus workability|The GDPR implies extra tasks and responsibilities for the entire organisation. How can you automate this (e.g. with Knowliah) in order to comply with a minimum of work, while guarding your co-workers from extra stress and work?|