GDPR BIG DATA WORKFLOW

CODE REF TASK MAIN GDPR REFERENCE RESOURCES ACTIONS
GSME1 1 GDPR PREPARATION
1.2 Print GDPA registration certificate GDPA Registration Certificate
1.2 Display trust seal on website GDPA Trust Seal
1.3 Finalise Project Management plan GDPR Project Management Plan OPEN | DOWNLOAD | UPDATE
CODE REF TASK MAIN GDPR REFERENCE RESOURCES ACTIONS
GSME2 2 GDPR TRAINING
2.1 Watch GDPR Awareness Presentation CHAPTER IV - Section 4 - Data Protection Officer GDPR Awareness Presentation
2.2 Present GDPR Awareness to Staff Members and Employees
CODE REF TASK MAIN GDPR REFERENCE RESOURCES ACTIONS
GSME3 3 GDPR TRAINING
3.1 Conduct personal data information gathering exercise at least annually CHAPTER II - Principles Personal Data Analysis Form
3.1 Identify lawful basis for processing personal data in each case at least annually Article 6 - Lawfulness of processing
CODE REF TASK MAIN GDPR REFERENCE RESOURCES ACTIONS
GSME4 4 GDPR PRIVACY POLICIES & NOTICES
4.1 Develop and maintain GDPR privacy policy Article 5 - Principles relating to processing of personal data GDPA online policy
4.2 Display privacy policy on website GDPA email with code
4.3 Create or amend existing privacy notices & policies Articles 13 and 14 - Information to be provided GDPR Privacy Policy Customisation Guide
4.4 Review and amend consent methods and procedures Article 7 - Conditions for consent Consent Request Form
CODE REF TASK MAIN GDPR REFERENCE RESOURCES ACTIONS
GSME5 5 DATA SUBJECT RIGHTS
5.1 Implement Data Subject Access Request Management Solution CHAPTER III - Rights of the data subject GDPA DSAR Gateway
5.2 Record data subject request procedures Data Subject Request Procedure Document
Data Subject Request Procedure Flowchart
5.3 Train staff in the correct handling of data subject request procedures GDPA DSAR Gateway
CODE REF TASK MAIN GDPR REFERENCE RESOURCES ACTIONS
GSME6 6 INFORMATION SECURITY
6.1 Conduct GDPR and information security awareness training CHAPTER IV - Section 4 - Data protection officer Information Security Presentation
6.2 Create or amend existing Information Security Policies CHAPTER IV - Section 2 - Security of personal data Information Security Policy
CODE REF TASK MAIN GDPR REFERENCE RESOURCES ACTIONS
GSME7 7 DATA BREACH MANAGEMENT
7.1 Implement Personal Data Breach Management Portal GDPR Data Breach Portal
7.2 Create information security incident management procedure CHAPTER IV - Section 2 - Security of personal data Personal Data Breach Response Plan
7.3 Communicate security incident to affected data subjects CHAPTER IV - Section 2 - Communication of a personal data breach to the data subject Breach Notification Letter
CODE REF TASK MAIN GDPR REFERENCE RESOURCES ACTIONS
GSME8 8 GDPR COMPLIANT AGREEMENTS
8.1 Update contracts with processors to be GDPR compliant CHAPTER IV - Section 1 - General obligations Third-Party Agreement (Processor)
8.2 Address employee confidentiality requirements Employee Confidentiality Agreement
END