Our easy step by step process
Step 1 – Data Audit – What data do I have? (with spreadsheet)
Step 2 – Data Audit – What do I do with the data that I found in Step 1? (with colour-tabbed Word tables)
Step 3 – Permissions – What are the Permissions which apply to how I process the data (as identified in Step 2).
Step 4 – ‘Legitimate Interests’ – What does it mean and how much of my processing can I fit under this umbrella?
Step 5 – Data Cleansing – a short explanation about why secure destruction of data doesn’t mean hitting the delete key and emptying a recycle bin, together with some options for secure destruction methods to investigate. Crib list of options and web addresses.
Step 6 – Data Access – examines the internal administrative controls required to ensure that data access is proportionate and as unintrusive as possible.
Step 7 – Introduces the primary technical measures that can be taken to protect data.
Step 8 – Employing Staff and how to manage GDPR for employee data
Step 9 – Managing Data Instreaming. Putting in place measures to ensure that the data you receive matches the permissions you identified at Steps 3 and 4 and which will obviate your revisiting Step 5. This includes monitoring the data you routinely collect and where it comes from as well as data provided to you from external sources so that you can provide a service for the originator.
Step 10 – Data Review and retention/destruction/cease to process – Almost all business data has a finite life and you need to set parameters for that life-cycle which align with your business. How long is it reasonable for you to retain personal information after your last contact from a client or potential client? If someone signed up to a teenagers’ web service when they were 15 years old and their latest activity was a year later, when do you destroy the data? That type of ‘things to consider’ – GDPR practicalities
What is included?
Videos with some tools to support the various steps – designed to make your life that little bit easier. Once you purchase you will be sent a link to access the course, and access to the Data Protection Zone – the place you can ask all your questions and receive answers from our experts – the DP Zone support is unlimited questions.