Organisation Strategies to ensure Compliance with GDPR

avatar
Created by
Lucy R

Cards (6)

  • Register with Information Commissioner's Office
    Organisations should be registered with the Information Commissioner's Office as a data user.
  • Restricted Access Systems
    Install restricted access systems so visitors have limited access to where data is held.
  • Safe Storage of Personal Data
    Have a policy that cabinets with sensitive data are locked at all times. Assign responsibility to an employee to ensure cabinets are locked when the office closes.
  • Record Information Use
    Create a procedure requiring anyone who accesses files/cabinets records what information they are using and why, with the date and time.
  • Access Rights
    Restrict access rights on the intranet so that only authorised people have access to data systems.
  • Regular Data Check
    Set up a regular data check asking the data subject to ensure that accurate information is held.