We reach the end of our journey to GDPR compliance and it’s good to have a review. We’ve learnt some things and are pleased to say that we are GDPR ready. There are 3 things we would encourage all organisations to do:
Having well informed employees and stakeholders is a key part of establishing a culture of compliance within your organisation. Here we discuss training, not just of the GDPR but of the things that individuals need to do on a daily basis to ensure that personal data is treated properly. Doing this will help ensure you …
Our GDPR Journey #18 – Review and 3rd Party Reviews Read More »
Personal data breach is one area where the GDPR lays down some quite specific rules on what is required. These rules require organisations to have documented processes and reporting mechanisms in place to ensure that they notify both individuals and authorities about any breaches. In this video we discuss our approach and the steps and …
Having well informed employees and stakeholders is a key part of establishing a culture of compliance within your organisation. Here we discuss training, not just of the GDPR but of the things that individuals need to do on a daily basis to ensure that personal data is treated properly. Doing this will help ensure you …
The GDPR talks about Controller Processor Contracts, Data Processing Contracts, Joint Controller Agreements and others. In this video we discuss the required contractual elements, which documents might need review and some of the places you might look to check.
This time we talk about the kinds of processes you will need for GDPR and how to approach the documentation of them. We also take you through our Subject Access Request document in detail. Processes you will need for GDPR include: Data mapping Data Protection Impact Assessment Subject Access Request Rights Breach Etc. . . …
The GDPR is vague on which technical measures are needed. In this video we try to give some guidance on how to approach implementing technical security and some straightforward ideas which we hope will be of use to those who might be less technical. As part of all Gydeline subscriptions we make Cyber Essentials available. …
As a relatively young business it is easier for Gydeline to comply with the requirement to minimise the amount of data that we both process and collect. In this video we make some brief comments about minimisation and provide some examples that show how we have reduced to a minimum the amount of personal information …
Enabling the rights of data subjects is perhaps one of the most important aspects of GDPR. In this video we talk about how we have done this. The three basic steps are:
Copyright ©2016–2019 Gydeline Ltd
Registered in England & Wales No. 09559617 | Office 18, ESAM, Carluddon Technology Park, St Austell, PL26 8WE | VAT No: 226 0817 24
