GDPR Compliance Review
Posted on 24th June 2019 at 14:09
Almost 50% of UK businesses are still not fully compliant with GDPR. This could lead to a fine of 4% of yearly turnover or €20m. In order to review your ongoing compliance we suggest carrying out a Data Protection Audit. This is a way to assess an organisation’s processing of personal data for the following of good practice. This includes, but is not limited to, compliance with the requirements of the GDPR and other data protection regulations.
The benefits of an audit include:
helping to raise awareness of data protection, general information security and cyber security;
showing an organisation’s commitment to, and recognition of, the importance of data protection and individual rights;
independent assurance of data protection policies and practices;
identification of data protection risks and practical, pragmatic, organisational specific recommendations to address them; and
the sharing of knowledge with trained, experienced and qualified staff.
The focus of a Data Protection Audit is to determine whether the organisation has implemented policies and procedures to regulate the processing of personal data and whether that processing is carried out in accordance with such policies and procedures. When an organisation complies with its data protection requirements, it is effectively identifying and controlling risks to prevent personal data breaches.
An audit will typically assess the organisation’s procedures, systems, records and activities in order to:
ensure that appropriate policies and procedures are in place;
verify that those policies and procedures are being followed;
test the adequacy of controls in place;
detect breaches or potential breaches of compliance; and
recommend any required changes in control, policy and procedure.
It is over a year since the GDPR regulations came into effect and is a good time to review how you are getting on with your policies and procedures. Get in touch now to book in your Data Protection Audit.
Share this post: