GDPR Readiness Test


Is your organisation aware of what the data protection principles are under GDPR?

Has your organisation designed, documented and communicated your processes to deal with data subject rights (DSRs) – that is individuals’ requests to access, amend or delete their personal data or object to data processing within the new timeframes (e.g. subject access requests; right to be forgotten requests; objections to profiling; objections to automatic decision making)?

Has your company put in place a data breach notification procedure to detect report and investigate a personal data breach, together with a response plan?

Do you have a Data Protection Impact Assessment process in place?

Has your organisation got to grips with the principle of privacy by design/default?

Has your organisation undertaken a data-mapping exercise?

Does your company set up and undertake regular compliance audits or reviews in order to identify and rectify issues?