The new GDPR regulation requires businesses to review and implement procedures that affect many departments. Each area of the new rule book, from consent to security, will need to be reviewed against current working practices for existing data architecture, from sales to delivery services.
Understanding how to get your team ready for May 25th 2018 will play an important part in compliance preparation.
The simple-to-follow questions will give you an insight into the challenges and decisions you are likely to face in implementing a set of policies that protect your business and serve the needs of regulation.
You can revisit the questions as often as you wish. We will only provide a general indication of total readiness, by placing a score against your answers on a scale from an absolutely ready answer to a completely unaware answer. This is just an initial prompt, supported by a full report that will follow shortly after the questions are completed.
We will keep your information confidential in line with our privacy policy. Please note that we may contact you if we believe that our services may help you to achieve GDPR readiness; you will be able to request no further contact at each and every opportunity.
How aware are your employees of GDPR and Data Protection Security?
We have briefed all members of staff, regardless of whether they have contact with the general public, on data protection, the new GDPR regulation and data security.
We have given a brief outline of data protection, and we will do more if we receive more requests about data we have processed.
We haven't considered what impact GDPR has had on our business.
We don't need to ask about data protection as all of our customers are repeat business.
We provide information in our monthly newsletter on things the staff need to be up to speed with.
Can we easily identify where all Personally identifiable information (PII) is processed in our business?
We have not yet mapped where new and historical personally identifiable data is hosted in our company.
We have a clear map of where data is situated for sales but not all departments.
We have audited all data held by the company, understand the location of all PII, have removed non-permission data and have created a robust process for lawful processing and storage.
We hold data in different departments and would need to review how they are connected.
We have a lot of historical data that we have not yet organised.
Have you confirmed contractual and audit arrangements for third-party product and service providers?
We have new contracts in place to provide a high level of protection for the processing of personally identifiable information, have carried out due diligence testing and have put in place ongoing audits.
We do not have any contracts with third party suppliers.
We do have an existing contract with our third party supplier but we do not monitor or audit their systems.
We have third party hosting, email and text but do not have GDPR references in our contracts.
We have contracts with our suppliers and are reviewing how they protect personally identifiable information.
Have you selected a framework or system to process personally identifiable information to ensure you can react to the rights of the individual elements of the regulation?
We may consider how we access data if the questions become commonplace.
We're not data system designers; we simply file things away.
We don’t have a formal data protection process and we haven't carried out a risk impact assessment.
We get a customer declaration signed but it stops there.
We have designed a process dedicated to responding to information and access requests in line with regulation time frames.
Please confirm at which customer touch points you collect specific data consent?
We only have data declaration statements when product companies requested them.
We have a blanket data statement that confirms we do a range of things with the data we hold.
We have data declarations, but they don’t always get filed.
We have a centralised managed function that ensures that data consent is lawfully collected across all customer touch points (including web sites, forms, telephone and email).
We only have a couple of data forms where this would apply, so it is easy just to request consent at those points.
How secure are your devices and network against hacking?
We are too small for a security policy.
I think we have good information security, but we have a man that does that.
We have a strong information and data handling policy that ensures regular updates of passwords, protection software and encryption of data, and we conduct regular training.
We have basic antivirus software but don’t think we are a big enough fish for hackers to waste time on.
We have considered reviewing our security and are looking to introduce more adequate software.
Thank you for taking our free GDPR Assessment. Based on your knowledge, your score is
100/100
We can help you to make your business GDPR compliant. Please feel free to contact our customer support team on 0282 003 2280 to discuss this report, GDPR compliance software, training and other requirements.
Great, you are at an advanced stage of GDPR readiness. Our software can get the consent control started from today. Please feel free to contact our customer support team on 0282 003 2280 to discuss this report, GDPR consent software, training and other requirements.
I confirm that I want to receive educational material, product announcements and information from simpledatasafe.co.uk and they hold my data for that purpose only.
You have the right to request that we stop at any time.
(Full details on the use of data are available within the privacy policy area on this web site.)
Thank you for submitting your request. Please click to download your check list and information guides.
In order to provide you with the reports upon completion of this assessment, please provide the following information.
I confirm that I wish to use this risk assessment and receive educational material, product announcements and information from simpledatasafe.co.uk and they hold my data for that purpose only.
Thank you for your interest. One of our representatives will call you back as soon as possible.