Post archive - gdpr steps

Our GDPR Journey #19 – Wrap up and Review

We reach the end of our journey to GDPR compliance and it’s good to have a review. We’ve learnt some things and are pleased to say that we are GDPR ready. There are 3 things we would encourage all organisations to do:

Read More »
Taking a close look at your GDPR arrangements and those of other parties you use

Our GDPR Journey #18 – Review and 3rd Party Reviews

Having well informed employees and stakeholders is a key part of establishing a culture of compliance within your organisation. Here we discuss training, not just of the GDPR but of the things that individuals need to do on a daily basis to ensure that personal data is treated properly. Doing

Read More »

Our GDPR Journey #17 – Breach Management

Personal data breach is one area where the GDPR lays down some quite specific rules on what is required. These rules require organisations to have documented processes and reporting mechanisms in place to ensure that they notify both individuals and authorities about any breaches. In this video we discuss our

Read More »

Our GDPR Journey #16 – Training

Having well informed employees and stakeholders is a key part of establishing a culture of compliance within your organisation. Here we discuss training, not just of the GDPR but of the things that individuals need to do on a daily basis to ensure that personal data is treated properly. Doing

Read More »

Our GDPR Journey #15 – Contracts

The GDPR talks about Controller Processor Contracts, Data Processing Contracts, Joint Controller Agreements and others. In this video we discuss the required contractual elements, which documents might need review and some of the places you might look to check.

Read More »

Our GDPR Journey #14 – Process Documentation

This time we talk about the kinds of processes you will need for GDPR and how to approach the documentation of them. We also take you through our Subject Access Request document in detail. Processes you will need for GDPR include: Data mapping Data Protection Impact Assessment Subject Access Request

Read More »

Our GDPR Journey #13 – Technical Measures

The GDPR is vague on which technical measures are needed. In this video we try to give some guidance on how to approach implementing technical security and some straightforward ideas which we hope will be of use to those who might be less technical. As part of all Gydeline subscriptions

Read More »

Our GDPR Journey #12 – Data Minimisation

As a relatively young business it is easier for Gydeline to comply with the requirement to minimise the amount of data that we both process and collect. In this video we make some brief comments about minimisation and provide some examples that show how we have reduced to a minimum

Read More »

Our GDPR Journey #11 – Rights

Enabling the rights of data subjects is perhaps one of the most important aspects of GDPR. In this video we talk about how we have done this. The three basic steps are:

Read More »