How do we maintain compliance?

UK GDPR Principles

Data subject rights

UK GDPR Compliance

Once we are confident in our ability to demonstrate compliance with the UK GDPR across our whole organisation, we need to implement plans to maintain this.

Many organisations did some work in advance of the GDPR in May 2018, but then treated it as a completed project, and this approach has meant that data protection risks have gradually increased overtime.

There are a number of tools and techniques which can be helpful in maintaining compliance overtime:

DPIA’s
Triggers document
Data protection on every meeting agenda
Data protection by design and by default – implications for agile and waterfall projects
Nomination of a data protection officer (DPO) or data protection lead
Continuing professional development (CPD)
External help

Introduction to the UK GDPR