
GDPR can Kiss My Butt

by Adam Brogden

20-Nov-2018 15:29

OK, so the headline is funny, but you really do need to take your GDPR responsibilities seriously.

KISS – Keep It Simple Stupid

Do the basics well. GDPR is not just about completing your documents, sticking them in a drawer and forgetting about them. GDPR is about managing personal data carefully, ensuring you have a lawful basis and never abusing the trust of the data subjects.

KISS includes ensuring you have management buy-in; testing and upgrading your IT; training your staff; reviewing suppliers and their contracts; and, of course, making sure you are able to respond to a customer request. Don’t forget your monthly GDPR audits, mystery shopper SAR requests, and spot-checks. These are all important to ensure you meet your GDPR responsibilities. Document everything you do. Having an audit trail of compliance activity might just be the one thing that saves your life if you have to face the ICO.

MY – Never forget that it is your responsibility

You are responsible and accountable for your actions. Not the boss, not the IT team, not Casper the friendly ghost. You! GDPR has clarified accountability and there is no get-out! ICO enforcement action can be fierce, but imagine facing the prospect of a class action against you or your company! You really don’t want that.

BUTT – No buts, you do what you need to do

There is no doubt that GDPR is pretty complex: 99 Articles, hundreds of pages and some pretty complicated policies to wrap your brain around. However, it’s really not that bad. GDPR is all about you, all the data you collect, store, and process, and how you run your business. So there is really no excuse for not doing what you need to do. If your boss moans about the new Clear Desk policy and refuses to lock away his files, just remind him that he is responsible for his actions. There is no excuse. No ifs, no buts. Just do your GDPR.

Good luck all.