With the GDPR well and truly underway, you may have been putting off getting compliant, or you may not have all the facts just yet. This article is an attempt to help.
First of all, here's a list of 5 documents you need to complete ASAP:
- Employee Privacy Notice: You need to explain to your staff why you're collecting their personal data, how you're collecting it and how you're storing it. You will also need to make sure you double-check this information: if it is found that you have leaked data, or that the data has been intercepted, you could be fined up to €20 million or 4 percent of your annual turnover, whichever is higher.
- Data Processing Agreements: If you work with a data controller or data processor, your relationship must be governed by a written agreement that includes a number of provisions to ensure GDPR compliance.
- Privacy Impact Assessments: If you make any significant changes to your data processing arrangements, you will be required to conduct an assessment to identify potential risks.
- Internal Data Protection Policy: All of your employees who handle personal information need to understand how to comply with the GDPR, identify breaches and report such incidents.