Preparing for the General Data Protection Regulation (GDPR) - 12 steps to take now
This checklist highlights 12 steps you can take now to prepare for the General Data Protection Regulation (GDPR) which will apply from 25 May 2018.
Many of the GDPR’s main concepts and principles are much the same as those in the current Data Protection Act (DPA), so if you are complying properly with the current law then most of your approach to compliance will remain valid under the GDPR and can be the starting point to build from.
However, there are new elements and significant enhancements, so you will have to do some things for the first time and some things differently. It is important to use this checklist and legislative resources to work out the main differences between the current law and the GDPR. I am aiming to produce new guidance and other tools to assist you, as well as contributing to guidance regarding what Article 29 is, in real term producing at the European level.
I will also work closely with you over the next 6 months to share my personal insight and vast knowledge about implementation which you can use and make applicable in your sector. It is essential to plan your approach to GDPR compliance now and as I always say to everyone I recently have met, you need to really gain ‘buy in’ from key people in your organisation. You may need, for example, to put new procedures in place to deal with the GDPR’s new transparency and individuals’ rights provisions. In a large or complex business this could have significant budgetary, IT, personnel, governance and communications implications.
The GDPR places greater emphasis on the documentation that data controllers must keep to demonstrate their accountability. Compliance with all the areas listed in this document will require organisations to review their approach to governance and how they manage data protection as a corporate issue. One aspect of this might be to review the contracts and other arrangements you have in place when sharing data with other organisations.
Preparing for the General Data Protection Regulation (GDPR): 12 steps to take now is a diagrammatic view and I hope you will find useful. Some parts of the GDPR will have more of an impact on some organisations than on others (for example, the provisions relating to profiling or children’s data), so it would be useful to map out which parts of the GDPR will have the greatest impact on your business model and give those areas due prominence in your planning process.
I am here as a independent consultant to assist and help and its scary for many organisations that deadline day is only 6 months away. But you must ensure that you're positive in your approach, organised and have a robust timeline to ensure come the 25 May 2018 you and your organisations are fully GDPR compliant and ready for the challenges ahead.
Shad Kayani
Shad is a talented, ambitious, hardworking expert in GDPR with the appropriate professional accreditation. With a consistent track record of achieving outstanding business results and providing real tangible value to many organisations. He has over 19 years of expansive knowledge and expertise in helping protect global businesses from GDPR, data & other regulatory risks. Shad enjoys taking on challenging, high profile opportunities and taking ownership to produce exceptional outcomes. Shad has recently finished a project with a FTSE100 company and is seeking his next challenge and has immediate availability.
Shad Kayani - [email protected] & 07918 757003