2019 New Year’s Resolutions
A new year, a new start! The start of a new year is always a great opportunity to set new business goals for the following 12 months. While GDPR may have launched 8 months ago, it is never too late to reach and fine-tune compliance. We have identified 5 key data protection goals to focus on in the New Year.
- Assess the current GDPR status
Examine the organisation's GDPR compliance against its original goals and ensure any gaps are now addressed. This may include fine-tuning policies and procedures, updating the website, amending employee or supplier contracts and increasing awareness using posters, circulars and leaflets.
- Deliver Refresher Training
For data protection measures to be truly effective, the business requires the buy-in of all staff. One-off training is not enough. May 2019 will be the one-year anniversary of the launch of the GDPR and the ideal time to deliver refresher training. Training that includes round table discussion, real-life examples and short tests tends to be the most effective.
- Test Security Measures
Cyber Security measures should be regularly tested. This is particularly important if the business collects financial or sensitive data. Known as penetration testing, probing a business’s security systems can help to expose vulnerabilities that would not otherwise be identified until it’s too late.
- Test Data Subjects' Rights
The new year is a great opportunity to test the most common data subject right – subject access requests (SAR). SAR requests can be complex and time-consuming, and with only 30 days to complete a request, it's important that organisations practise their SAR process to ensure all parties know their roles and that a 30-day target is achievable.
- Conduct a data breach drill
Data breaches are the single biggest cause of complaints to data protection authorities, and the potential repercussions can range from reputational damage to fines and regulatory censure. Organisations that prepare for breaches through practice drills are better placed to manage future breaches effectively. Practice runs can also help to open up discussion about potential vulnerabilities. Drills are most effective if they are managed through a project team consisting of staff members from all over the business, including senior management, HR, finance and customer service. Always document the actions and outputs of these exercises.
Our clients use GDPR compliance as an opportunity to improve processes and to become more secure and efficient.
Today is the best day to start this process. Call us now and let our people look after your people.
Contact us on +353 (46) 909 3605 or [email protected]