If you live on planet Earth, then you've heard of GDPR (the EU’s General Data Protection Regulation). It is good to know your data rights. If you work with data (most of us do!), it is even better to know your responsibilities. We’ve taken the time to do our research and collected the best online resources to help you prepare your business for GDPR.
GDPR requires companies with more than 250 employees to have a Data Protection Officer (DPO) in place. Many will already have a Compliance Officer. Smaller companies still have the same obligations and carry the same risks. GDPR small business checklists are a great way to start understanding, preparing and taking action.
At Logicearth, we offer a range of Compliance online training modules, and we’ve just released our GDPR training course – and it is a good one. Take a sneak peek at our GDPR course or see here for a full list of our engaging compliance courses including GDPR, Anti-money laundering, Information security awareness and more. These are offered via a simple site-license, can be customized to your business context and provide practical GDPR staff training.
For an introduction to GDPR, to know your PII from your pie, our guest blogger, John Strutt, an intelligence analyst and cyber security expert, explains what GDPR really means for your organisation.
Data protection is about protecting YOU
We live in an ever-changing digital world, with more and more data available about all of us. Our most sensitive and personal information is at the mercy of people and organisations that we trust to do the right thing. But GDPR protects that trust even more: for data protection violations, fines have increased to €20 million or 4% of the total turnover of a company.
Working in compliance and learning & development, we are trusted to properly manage sensitive personal data. It’s important that we understand the risk that mishandling this data poses to our organisation.
The ICO, the UK’s Information Commissioner's Office, has a useful set of questions to help you assess your personal risk. These are written for data protection officers but are accessible to anyone seeking sound advice about what to do with the data you hold.
Six of the best GDPR compliance checklists and insights
If you’d like more detail, we’ve curated the best of the best in the list below. Here’s to data sensitivity and keeping us all safe!
1. Computer Business Review – the ultimate GDPR checklist
Do you know what type of data your organisation deals with? Is it structured or unstructured data? Can you clearly separate your sensitive data?
2. HubSpot – are you GDPR ready?
Kris Lahiri, Chief Security Officer at Egnyte, outlines an eight-step process to prepare for GDPR. Do you have procedures in place to handle requests from data subjects to modify, delete or access personal data? Do these procedures comply with the new rules under the GDPR?
3. InfoWorld – countdown to GDPR
Establish employee access authorisation policies to limit access to data and ensure privacy. Keep the policies updated to reflect organisational need and to monitor for breaches.
4. Help Net Security – privacy awareness checklist for GDPR
GDPR will streamline data protection for individuals within the European Union (EU). It also addresses the export of EU citizens’ personal data outside the EU. This means both Eurozone companies and those based in the U.S. will have to comply with the regulation.
5. UK Information Commissioner – getting ready for GDPR
Understand the difference between data controllers and data processors – both have different responsibilities under GDPR.
6. Lewis Silkin – 11 things you should do to avoid GDPR fines
Lewis Silkin, a global law firm headquartered in the UK, recommends that you map and audit your data first. What personal data do you have, where is it stored, where is it sent, how is it processed, and what do you tell people about the processing?