1 - AWARENESS
Inform key people and decision-makers about upcoming changes, and evaluate the impact that the GDPR will have on the company or organization.
2 - DATABASE
List all personal data you keep, note their source and list people with whom you shared them. Record your treatments. You may have to organize an information audit for this purpose.
3 - COMMUNICATION
4 - HUMAN RIGHTS
Check whether current procedures within your company or organization are in conformity with for all people rights, including the way in which personal data can be deleted or communicated.
5 - ACCESS REQUESTS
Update your existing procedures and think about how you will now process access requests with respect to new GDPR deadlines.
6 - LEGAL BASIS FOR PERSONAL DATA PROCESSING
Keep track of the different types of data processing you perform and identify the legal basis for each one.
7 - CONSENT
Evaluate how you request, obtain and record people consent and make all necessary changes.
8 - CHILDREN
Develop systems to verify the age of people and ask the parent (s) or guardian (s) before processing minors’ data.
9 - DATA LEAKS
Provide adequate procedures to detect, report and analyze personal data leaks.
10 - DATA PROTECTION FROM START & IMPACT ANALYSIS
Get familiar with “data protection from the design stage” and “data protection impact analysis” and examine how you can implement these concepts in your business or organization.
11 - DATA PROTECTION OFFICER
If necessary appoint a data protection officer or a person who is responsible for complying with data protection rules. Evaluate the place this person has within your structure and within your company policy.
12 - INTERNATIONAL SCALE
Determine which supervisory body you shourd report to if your company or organization is active wordwide..
13 - EXISTING CONTRACTS
Evaluate your existing contracts – especially with subcontractors – and make the necessary changes in a timely manner.
GDRP INTERACTIVE MAP
Hover on the icons to discover your road map