GDPR: Documenting your Processes

When adhering to GDPR, organisations need to accurately document their processes when dealing with personal data, including how you share data, how you store it and your process for destroying it.

The following documents are necessary and it’s advisable to speak to your entire workforce to find out how they each individually use data:

  • Up to date Privacy Policies and Terms & Conditions.
  • Data Processing Form: A record of all data stored, including why and where.
  • Data Protection Impact Assessment: A series of questions about data protection you must ask before undertaking any new project.
  • Subject access record
  • Data Breach Record
  • Data Protection policies
  • Data Audits
  • Internal HR Audits

Data protection impact assessments

Data protection impact assessments (also known as privacy impact assessments or PIAs) are a tool which can help organisations identify the most effective way to comply with their data protection obligations and meet individuals’ expectations of privacy.

An effective DPIA will allow organisations to identify and fix problems at an early stage, reducing the associated costs and damage to reputation, which might otherwise occur.

You must carry out an assessment when:

  • using new technologies
  • the processing is likely to result in a high risk to the rights and freedoms of individuals. Data protection officers.

The GDPR makes it a requirement that organisations appoint a data protection officer (DPO) if you are:

  • carrying out large scale systematic monitoring of individuals (for example, online behaviour tracking)
  • carrying out large scale processing of special categories of data or data relating to criminal convictions and offences.

More detailed advice for GDPR can be found in the ICO’s GDPR Guide.

This is part of our ongoing series on GDPR. Find out more here and look out for our next blog on data breaches.

POPULAR POSTS

NEW: Payout frequencies and on demand payouts

We’ve updated the way you receive your payouts on Helm Tickets! You now have more control over when you receive your funds and can select the payout frequency that best suits you. These new features allow you to access your funds when you need them. It’s completely up...

How to market your event on Twitter

Social media moves fast, but nowhere is it faster than on Twitter. If you’re promoting events on Twitter, it means your marketing strategy needs to evolve quickly too.

Twitter may be one of the most challenging networks for social media event marketing, but it’s also one of the most rewarding.

How to market your event on Facebook

Facebook isn’t just the world’s favourite social media platform, it’s also a powerful events hub. With 490 million people using Facebook events every month, it’s the discovery site many people turn to when they want to find out what’s going on in their area.

GET WEEKLY EMAIL UPDATES

CONNECT WITH US