In our last blog we discussed about What Is GDPR & Why Should Your Business Care ?
https://blogs.sap.com/2017/10/02/what-is-gdpr-and-why-should-your-business-should-care/#
In this blog we will discuss
How to prepare for GDPR
Step #1 In preparation for GDPR it is important to work on idenfiying some of the key aspect of sensitive data
- What personal data you have in your landscape ?
- Where is the personal data stored inside the Organization ?
- Who is accessing the sensitive data ?
- How are they processing the sensitive data ?
Step #2 Once you have done your homework on sensitive data, please follow the next steps below
- Document what personal information is held, where it came from and with whom it is shared (3rd Party)
- Ensure key departments are aware that the law is changing, and to anticipate the impact of GDPR.
- Review current privacy notices and prepare any necessary changes.
- Identify and document the legal basis for each type of data processing activity.
- Review procedures to address the new rights that individuals will have
- Review how consent is sought, obtained and recorded.
- Make sure procedures are in place to detect, report and investigate data breaches.
- Plan how to handle requests within the new time frames (72 hours) and provide the required information.
- Designate a Data Protection Officer to take responsibility for data protection compliance.