The GDPR is vague on which technical measures are needed. In this video we try to give some guidance on how to approach implementing technical security and some straightforward ideas which we hope will be of use to those who might be less technical.
As part of all Gydeline subscriptions we make Cyber Essentials available. This baseline level of information security is recommended by the UK government and should be achievable by all sizes of organisation. A free sign up is available here.
Some useful links we share in the video:
- Data Mapping
- Data Protection Impact Assessment
- The Cyber Essentials Standard
- Cyber Essentials on Gydeline
- Brand Partners
- 10 steps to Cyber Security from the National Cyber Security Centre
- The ICO guide to practice IT security
Other Videos in this Series
- 1 – Introduction
- 2 – Gap Analysis
- 3 – Data Mapping
- 4 – Processing Activity Record
- 5 – Policy
- 6 – Data Protection Impact Assessment (DPIA)
- 7 – Consent
- 8 – Privacy Notice
- 9 – Retention
- 10 – Data Portability
- 11 – Rights
- 12 – Data Minimisation
- 14 – Process Documentation
- 15 – Contracts
- 16 – Training
- 17 – Breach Management
- 18 – Review and 3rd Party Reviews
- 19 – Wrap-up and Review
