Proving compliance is now more important than ever! The GDPR comes into effect on May 25th, and when it does, it will introduce increased accountability for data, as well as increased penalties for organisations that fail to comply. To avoid crippling fines, proving GDPR compliance is of the utmost importance.
1. Arden Group – Listen. Understand. Deliver
Arden Group
GDPR Series - Proving Compliance
3. Arden Group – Listen. Understand. Deliver
How can you demonstrate compliance?
• Data protection audits
• Appointment of a Data Protection Officer (DPO)
• Staff data protection training
• Privacy Impact Assessments (PIAs)
• Data protection policy reviews
• Pseudonymisation
4. Arden Group – Listen. Understand. Deliver
Data Protection Audits
If you are not fully aware of all the personal data you store, and where you store it, it will be almost impossible to comply with the GDPR or demonstrate your compliance. This is why data protection audits are essential.
5. Arden Group – Listen. Understand. Deliver
• Why am I holding this data?
• How did we obtain it?
• How long will we retain it?
• How secure is it?
• Do I ever share it with third parties?
It is beneficial to look at the flow of data out of your organisation so that you can ensure that its security is maintained for the duration of its life cycle.
6. Arden Group – Listen. Understand. Deliver
Appointment of a Data Protection Officer (DPO)
In certain instances, it may be necessary for your organisation to appoint a DPO to ensure GDPR compliance. We have written an article to help you decide whether or not this is a necessary step for your organisation.
7. Arden Group – Listen. Understand. Deliver
Staff Data Protection Training
All members of staff should be provided with training to ensure they understand what changes the new legislation will bring about. In addition to this, all new employees should receive data protection training before they are given access to personal data.
8. Arden Group – Listen. Understand. Deliver
Privacy Impact Assessments (PIAs)
PIAs should be carried out when planning a new initiative which may involve ‘high risk’ data processing. ‘High risk’ is defined as an activity which may compromise the data subjects’ right to privacy, such as systematic evaluations or processing special categories of data like race or medical information. The purpose of conducting a PIA is to identify and minimise non-compliance risk.
9. Arden Group – Listen. Understand. Deliver
Data Protection Policy Reviews
If your organisation already operates in alignment with other data protection policies, it is important that you review them to mitigate any incompatibilities with the GDPR. It is also essential that existing policies can be easily accessed by their intended audience.
10. Arden Group – Listen. Understand. Deliver
Pseudonymisation
The ICO encourages the use of pseudonymisation in order to strengthen data security and privacy. It can be defined as the technique of processing data in such a way that the person to whom it belongs can no longer be identified unless the data is cross-referenced with an additional, separate source. This technique is seen as being necessary when processing data in a way that is separate from the purposes for which it was originally obtained.
12. Arden Group – Listen. Understand. Deliver
Need more information about GDPR?
We have collated a series of articles and resources that are designed to answer some common queries regarding GDPR, and how it will impact each industry in different ways.
13. Arden Group – Listen. Understand. Deliver
Find out More.
At Arden Group we deliver a complete range of managed services in the communications technology industry, including online security. Using our in-depth knowledge of the market, we advise on and implement the latest security solutions, helping to keep our customers' data safe, no matter where business takes them. To find out more about how we can help to protect your business, contact us today.
www.arden-group.co.uk
Tel: 03702 64 64 65