Get Free Downloads
Start your GDPR today in just a few clicks
      
Get Free Downloads
Start your GDPR today in just a few clicks

How Can You Finish GDPR Fast?

Tagged with gdpr, ico, data, free, freeadvice, gdprtemplate, easygdpr, gdprfree,
by Adam Brogden
in Blog

30-Apr-2018 10:54

It’s fair to say that many companies are still choosing to ignore GDPR, hoping it will just go away or accepting the gamble that they will not suffer any sort of breach or risk ICO enforcement action. I think this is a bad decision but accept that owners are free to decide how to run their company. However over the last week I have spoken to many companies using Optindigo that are now starting to panic – starting to wish they had begun their GDPR preparations earlier. So what should they do? What is the least they can get away with? Perhaps more positively, how do they minimise the risk of a breach and enforcement action?

Here is a suggested approach that gives you the most impact in the time remaining. This is just a suggestion, other options are available.

1. Complete a high level Strategy and plan. This helps ensure you have support from your management team and can ensure you’ll have the resources you need. You are going to need help!
2. Sort out your database and establish where you have GDPR compliant consent and where you don’t. If appropriate start to re-optin your data but not forgetting that PECR and DPA still apply, don’t risk a huge spam re-optin campaign.
3. Engage with your suppliers as this can take some time and is vital. Start this now even if you know you won’t complete the task. It will help demonstrate due-diligence has started.
4. Create a Privacy Policy and, if appropriate, a consent form on your website. Start collecting GDPR opt-ins now! Don’t forget that consent is usually the most difficult option. Look carefully at what you do and choose the appropriate basis.
5. Do a quick Privacy Impact Analysis. Look for obvious holes, weaknesses, deficiencies and make sure your IT team get to work. You can remove a lot of problems with some simple IT upgrades.
6. Complete a Data Discovery exercise. Depending on your organisation this can take a while, so if you are short of time focus on high risk data [sensitive, financial, children]. Look at how you collect, store and process this data and take steps to avoid issues. You must come back to this later if you don’t complete the task.
7. Establish key GDPR processes – SAR, Breach, Complaint - these are mandatory and usually simple to set up.
8. Keep a log of everything – you need to be able to demonstrate commitment and proactive action. Record, record, record!

Our GDPR Document Generator can help you complete most of your document templates instantly [well, in about 9.6 seconds], but you still have lots of work to do. Contact us for help and advice – we are always happy to help.

Good luck all.