COMING SOON… Defining the Equipment function
Publication of this article is due week beginning 27 May 2019
Month: May 2018
Our GDPR Journey #19 – Wrap up and Review
We reach the end of our journey to GDPR compliance and it’s good to have a review. We’ve learnt some things and are pleased to say that we are GDPR ready. There are 3 things we would encourage all organisations to do:
Our GDPR Journey #18 – Review and 3rd Party Reviews
Having well informed employees and stakeholders is a key part of establishing a culture of compliance within your organisation. Here we discuss training, not just of the GDPR but of the things that individuals need to do on a daily basis to ensure that personal data is treated properly. Doing this will help ensure you …
Our GDPR Journey #18 – Review and 3rd Party Reviews Read More »
Our GDPR Journey #17 – Breach Management
Personal data breach is one area where the GDPR lays down some quite specific rules on what is required. These rules require organisations to have documented processes and reporting mechanisms in place to ensure that they notify both individuals and authorities about any breaches. In this video we discuss our approach and the steps and …
COMING SOON… Defining the Support function
Publication of this article is due week beginning 20 May 2019
Our GDPR Journey #16 – Training
Having well informed employees and stakeholders is a key part of establishing a culture of compliance within your organisation. Here we discuss training, not just of the GDPR but of the things that individuals need to do on a daily basis to ensure that personal data is treated properly. Doing this will help ensure you …
Our GDPR Journey #15 – Contracts
The GDPR talks about Controller Processor Contracts, Data Processing Contracts, Joint Controller Agreements and others. In this video we discuss the required contractual elements, which documents might need review and some of the places you might look to check.
Our GDPR Journey #14 – Process Documentation
This time we talk about the kinds of processes you will need for GDPR and how to approach the documentation of them. We also take you through our Subject Access Request document in detail. Processes you will need for GDPR include: Data mapping Data Protection Impact Assessment Subject Access Request Rights Breach Etc. . . …
Our GDPR Journey #13 – Technical Measures
The GDPR is vague on which technical measures are needed. In this video we try to give some guidance on how to approach implementing technical security and some straightforward ideas which we hope will be of use to those who might be less technical. As part of all Gydeline subscriptions we make Cyber Essentials available. …
Our GDPR Journey #12 – Data Minimisation
As a relatively young business it is easier for Gydeline to comply with the requirement to minimise the amount of data that we both process and collect. In this video we make some brief comments about minimisation and provide some examples that show how we have reduced to a minimum the amount of personal information …