Action Points for GDPR Compliance:
• Invest time in conducting a thorough data mapping exercise.
• Consider where you are passing on data – where are the third parties and why is it being passed on?
• Consider your budget for a breach – are senior management/the board fully aware of GDPR?
• Ensure all third parties that you deal with have a GDPR-compliant contract governing the relationship/use of data.
• Is your business IT savvy enough to deal with GDPR?
• Are all policies GDPR compliant and have you considered risk assessments in relation to your work processes?
• Have staff (at ALL levels) been appropriately trained on GDPR and IT security? This should be carried out at least once a year.