A summary of the Information Commissioner’s Office’s 12-point GDPR checklist

  1. Ensure senior/key people are aware of GDPR and appreciate its impact.
  2. Document any personal data you hold, where it came from and who you share it with. Conduct an information audit if needed.
  3. Review your privacy notices and plan for necessary changes before GDPR comes into force.
  4. Check your procedures cover all individuals’ rights under the legislation – for example, how you would delete personal data or provide data electronically in a commonly used format.
  5. Plan how you will handle subject access requests within the new timescales and provide any additional information.
  6. Identify and document your legal basis for the various types of personal data processing you do.
  7. Review how you seek, obtain and record consent. Do you need to make any changes?
  8. Put systems in place to verify individuals’ ages and, if users are children (likely to be defined in the UK as those under 13), gather parental consent for data processing activity.
  9. Make sure you have the right procedures in place to detect, report and investigate a personal data breach.
  10. Adopt a “privacy by design” and “data minimisation” approach, as part of which you’ll need to understand how and when to implement Privacy Impact Assessments.
  11. Designate a Data Protection Officer or someone responsible for data protection compliance; assess where this role will sit within your organisation’s structure/governance arrangements.
  12. If you operate internationally, determine which data protection supervisory authority you come under.

For more detail on each of these 12 steps, refer to the ICO guidelines.