EU General Data Protection Regulation
by Mandy Webster (comments: 0)
What we can do to help
We have developed a compliance framework to manage and evidence data protection compliance with input from company secretaries from the social housing sector. The framework identifies the key elements for compliance around roles and responsibilities, policies and procedures and training. It allows compliance personnel to record the current compliance position of the organisation and to highlight remedial activity. It shows the required standard, suggests audit activities and signposts guidance materials.
To implement the framework and introduce it to compliance personnel, we can offer a two day project comprising:
Day one: preparation work to tailor the Control Framework with information from the client, carry out a gap analysis of existing policies and procedures, suggest amendments and provide draft materials as required to meet Control Framework standards.
Day two: on site to Introduce the Control Framework to compliance personnel and data protection practitioners, brief managers and IT on the GDPR, how to create an Information Asset Register, and managers’ compliance roles.
It will not be assumed that the organisation is compliant with current data protection law. Managers will be given an overview of current common data protection issues and appropriate solutions, a briefing on current data protection do's and don'ts such as using secure means to transfer personal data rather than email, implementing good housekeeping rules around purging and deletion so that personal data is not held indefinitely and so on.
The IT briefing on GDPR and, in particular, changes to subject rights and other issues likely to require an IT solution for 2018 is essential.
If this would help your organisation to comply with current data protection law and prepare it for the GDPR why not call us on 01283 516 983?
Mandy P Webster, Director, Data Protection Consulting Limited