GDPR Readiness Test

STEP 1 OF 4

Is your organisation aware of what the data protection principles are under GDPR?

Has your organisation designed, documented and communicated your processes to deal with data subject rights (DSRs) – that is individuals’ requests to access, amend or delete their personal data or object to data processing within the new timeframes (e.g. subject access requests; right to be forgotten requests; objections to profiling; objections to automatic decision making)?

Has your company put in place a data breach notification procedure to detect report and investigate a personal data breach, together with a response plan?

Do you have a Data Protection Impact Assessment process in place?

Has your organisation got to grips with the principle of privacy by design/default?

Has your organisation undertaken a data-mapping exercise?

Does your company set up and undertake regular compliance audits or reviews in order to identify and rectify issues?