GDPR Data and Tech Checklist

Issue link:

Contents of this Issue


Page 0 of 1

+44 (0) 207 601 7100 GDPR CHECKLIST Checklist of key technology and data steps to consider – and revisit regularly! Getting started Review the GDPR and the PECR and relevant guidance from your country's/sector's regulators Complete a Privacy Impact Assessment Write your Privacy Notice (supported by your legal and compliance team) Communicate your Privacy Notice transparently Key areas for your leadership With your leadership team, decide legal grounds for processing your data With your leadership team, decide what consents you will collect, whether broad or granular With your leadership team, decide how long any consents captured will remain valid (for each audience) Ensure you have a clearly-understood process for handling data breaches Data management essentials Implement training and individual user agreements for your staff as a precursor to data access Identify which systems across your institution are the 'source of truth' for each audience Agree with your users how quickly data updates will be processed (suggested maximum 21 days) Determine what information you will retain for those who request their data be removed Determine appropriate (transparent) wording when collecting preferences verbally Put in place measures to ensure your volunteers protect personal data when serving your institution Consider all data across multiple systems and spreadsheets, not just your main database/CRM Communicate how your data can/should support other departments

Articles in this issue

Links on this page

view archives of npInsights - GDPR Data and Tech Checklist