Over the last few weeks the traffic and sign-ups on Optindigo have
exploded. However we have noticed that compliance has become more about
how companies should approach the analysis phase rather than how they
complete the changes required to be GDPR compliant.
In fact – this is now so common that we are producing a set of How to guides –
not how to GDPR – more like how to document your organisational structure;
break-down your business processes; define your data models; understand your
IT; and how to complete a PIA.
There are all pre-requisites of a successful GDPR project but most small
companies don’t understand how to do this. No disrespect intended but unless
you have a IT/IS background how would you? There is very little material on
how to actually complete the analysis phases and besides a few templates – there
is nothing from the ICO. We are spending more time talking about how to
document company operations than GDPR regulations.
Feels like something has been missed – SMEs often don’t have the expertise or
funds to complete even this phase so how can they possibly complete GDPR
compliance?
If you have any generic business, process or data analysis templates please let me
know – I know companies that would be very grateful!
Good luck all!