Things You Should Be Doing to Prepare for GDPR

Are you ready for the General Data Protection Regulation (GDPR)?


The General Data Protection Regulation, also known as GDPR, goes into effect in May 2018. To help you prepare, we’ve put together a high-level checklist of things you should be doing to ready yourself for this new EU regulation.


Things You Should Be Doing:


1.  Raise awareness of the importance of GDPR compliance with organization leaders

2.  Review existing privacy & security efforts to identify strengths & weaknesses

3.  Identify all the systems where the organization stores personal data & create a data inventory

4.  Create a register of data processing activities & carry out a privacy impact assessment for each high-risk activity

5.  Ensure privacy notices are present wherever personal data is collected

6.  Implement controls to limit the organization’s use of data to the purposes for which it collected the data

7.  Establish procedures to respond to data subject requests for access, rectification, objection, restriction, portability, & deletion (right to be forgotten)

8.  Enter into contracts with affiliates & vendors that collect or receive personal data

9.  Establish a privacy impact assessment process

10.  Administer employee & vendor privacy and security awareness training

11.  Compile copies of privacy notices & consent forms, the data inventory & register of data processing activities, written policies & procedures, training materials, intra-company data transfer agreements, & vendor contracts

12.  If required, appoint a data protection officer & identify the appropriate EU supervisory authority

13.  Conduct periodic risk assessments



Find the full list and more info about GDPR at kickbox.com and eugdpr.org

