25th May has almost dawned upon us, and the moment we have all been preparing for is here! As you may have noticed from reading the latest tech news and emails, the implementation of the GDPR law begins on 25th May 2018. By now you must be aware of the potential for heavy fines with the enforcement of this law. If you still haven’t begun making the necessary changes, here is a last-minute checklist to ensure your organization is compliant with GDPR.
Create a DataMap
According to Article 30 of GDPR, data controllers and processors should have a record of processing containing certain high-level attributes, such as the purpose of processing and a description of the categories of data subjects. Create a detailed data map to track the flow of your data elements. If you don’t have a data map in place, life could become more difficult when responding to a personal data breach or a data subject breach. A data map can also be useful for improving your understanding of the scope of GDPR.
Privacy by Design
A start-to-end data protection policy can help make your organization compliant with GDPR. This should include everything from ensuring data security to deleting the data from storage. Since there is absolutely no time left, a short-term solution is to conduct an audit of the security you already have in place. Quickly implement changes to address any weaknesses you find in your security system. Make minor changes such as obtaining an SSL certificate, backing up your website data, ensuring your firewall is in place and scanning your email and website for any viruses. If you feel your passwords are weak, now would be a good time to change them to strong ones.
Update other policies
Include your HR in the automated profiling decisions
If your business involves making automated decisions based on data profiles, then GDPR is about to change it all. Following the enforcement of GDPR, individuals can refuse to be the subject of a decision that is based on automated processing.
With the deadline approaching sooner rather than later, it is important to begin addressing the changes that will be imposed by GDPR. In case of any queries, you can also check out the Guide to the General Data Protection Regulation for more information.
Keep reading iTMunch for the latest news, updates, and blogs.