What is it?
The most radical overhaul of data protection law in this country for 20 years is due to take place on 25 May 2018.
The General Data Protection Regulation will mean that the way that we all handle personal data is going to have to change. From consent, to record-keeping, breach reporting and privacy notices there is plenty to think about.
The GDPR applies to all organisations, regardless of size or the type of business they carry out, but what exactly needs to be done, and just as importantly, what does not need to be done is not easy to identify.
Data Protection Audits
If you are going to assess whether you can be GDPR compliant you need to know what data you hold and how you process it.
To understand your obligations you need to be able to establish what you are doing and whether there any gaps which need to be filled. This can be a daunting process, especially if you don’t have an in-house legal team or data protection expertise. Data collection processes, retention policies, data security, record-keeping, data breach policies, contracts with third parties and privacy notices are just a few of the things which need to be assessed.
At Blacks, we offer bespoke audit solutions for organisations of all sizes, across all sectors and provide tailored advice on what needs to be done. We can help you review the results of your own audit or manage the process from start to finish to ensure the best possible chance of compliance.
If you would like further information about how we can help with your GDPR compliance audit, please contact: