How to develop and implement a General Data Protection Regulation (GDPR) compliance programme
Author: Jo Broadbent
Click on any of the hyperlinks to go to more detailed guidance below.
- Understand the key strategic factors to take into account when designing a GDPR compliance programme.
- Understand the purpose of conducting an audit of HR personal data.
- Ensure that data protection policies and documents are GDPR compliant.
- Create an HR personal data register to meet GDPR record-keeping requirements.
- Review third-party contracts with data processors.
- Take a consistent approach to data transfers outside the EEA.
- Review subject access policies and data breach response systems to ensure that they are GDPR compliant.
- Conduct impact assessments in relation to high-risk processing.
- Test new data protection procedures.
- Communicate changes to the workforce.
- Provide training on new or updated employee obligations.