Fast Track Your GDPR Compliance Efforts


Build a sustainable GDPR compliance framework.

Major Business Pain Points

  • Organizations often tackle compliance efforts in an ad hoc manner, resulting in an ineffective use of resources.
  • The alignment of business objectives, information security, and data privacy is new for many organizations, and it can seem overwhelming.
  • GDPR is an EU regulation that has global implications; even if you are outside the EU, it likely applies to your organization more than you think.

Recommendations

Key Points

  • Financial impact is not simply fines. A data controller fined for GDPR non-compliance may sue its data processor for damages.
  • Even day-to-day activities may be considered processing. Screen-sharing from a remote location is considered processing if the data shown onscreen contains personal data!
  • This is not simply an IT problem. Organizations that address GDPR in a siloed approach will not be as successful as organizations that take a cross-functional approach.

Approach

  • Follow a robust methodology that applies to any organization and aligns operational and situational GDPR scope. The framework allows organizations to tackle GDPR compliance in a right-sized, methodical approach.
  • Adhere to a core, complex GDPR requirement through the use of the documentation templates.
  • Understand how the risk of non-compliance is aligned to both your organization’s functions and data scope.
  • This blueprint will guide you through projects and steps that will result in quick wins for near-term compliance.

Methodology and Tools

Executive Brief

Read the concise Executive Brief to find out why you should fast track your GDPR compliance efforts and review the methodology.

  • Fast Track Your GDPR Compliance Efforts – Executive Brief
  • Fast Track Your GDPR Compliance Efforts – Phases 1-5

1. Understand your compliance requirements

Understand the breadth of the regulation’s requirements and document roles and responsibilities.

  • Fast Track Your GDPR Compliance Efforts – Phase 1: Understand Your Compliance Requirements
  • GDPR RACI Chart

2. Define your GDPR scope

Define your GDPR scope and prioritize initiatives based on risk.

  • Fast Track Your GDPR Compliance Efforts – Phase 2: Define Your GDPR Scope
  • GDPR Initiative Prioritization Tool

3. Satisfy documentation requirements

Understand the requirements for a record of processing and determine who will own it.

  • Fast Track Your GDPR Compliance Efforts – Phase 3: Satisfy Documentation Requirements
  • Record of Processing Template
  • Legitimate Interest Assessment Template
  • Data Protection Impact Assessment Tool
  • A Guide to Data Subject Access Requests

4. Align your data breach requirements and security program

Document your DPO decision and align security strategy to data privacy.

  • Fast Track Your GDPR Compliance Efforts – Phase 4: Align Your Data Breach Requirements & Security Program

5. Prioritize your GDPR initiatives

Prioritize any initiatives driven out of Phases 1-4 and begin developing policies that help in the documentation effort.

  • Fast Track Your GDPR Compliance Efforts – Phase 5: Prioritize Your GDPR Initiatives
  • Data Protection Policy

All resources on this page are provided to Cyber Leadership Hub members under license from third parties including Info-Tech Research Group Inc, a global leader in providing IT research and advice.