How To Prepare For GDPR: Implementing A Compliance Programme
With the General Data Protection Regulation (GDPR) coming into effect next May, it is vital that organisations take action to ensure they are ready to comply.
It will be a challenge to be fully compliant by then, but taking care of the risky areas first will serve the most purpose. Begin by assembling a project team that identifies key stakeholders and a board or senior management buy-in to support the project.
Conduct an initial risk assessment to better understand how the business currently collects, uses and shares personal data, and how these steps are regulated.
Finally, establish a GDPR compliance action plan that includes prioritising activity and remedial measures, creates a data register, and provides training.