[powr-countdown-timer id=5137ae2d_1491490870751]
Once you have completed the data inventory you should have a clear picture of the personal data that you hold within your organisation. A great start! You may feel you deserve a break from thinking about GDPR after all that work but with only 12 months to go and the Data Protection Commissioner, Helen Dixon making it clear in a recent article with Adrian Weckler in the Irish Independent* that “it’s absolutely the case that we will be imposing fines against big and small entities based on the issues that come across our desk and the areas of risk we identify. There’s nothing surer than this” there is no room for complacency! The next step on the road to GDPR compliance is using the information that you have gathered from the data inventory to carry out a gap analysis aimed at showing you how compliant your organisation currently is with GDPR versus where you need to be to achieve GDPR compliance.
This is effectively reviewing each Article of the GDPR to understand what your organisation is currently doing in respect of the content of each Article and what it needs to be doing. To take an example – Article 13 of the GDPR lists the information that you must provide to a data subject where personal data is collected from that data subject. To understand whether your organisation is in compliance with this Article you need to understand what information you currently give to data subjects, what additional information you need to be giving and a plan of action to implement whatever changes are required to reach compliance. Ward Solutions are currently providing gap analysis services to a number of organisations. If you require assistance in this regard contact sales@ward.ie.
*Irish Independent Article- http://bit.ly/2q31CNJ
To know more about our next GDPR event, register here and pop us a question- http://bit.ly/WardGDPR
-
Insights