The ICO has issued some guidance on the 12 points all organisations need to consider
- Awareness – decision makers and key people
- Information – document what you hold.
- Communicating privacy information – review and amend privacy notices.
- Individuals’ rights – ensure you can deliver against data subject rights.
- Subject access requests – update procedures.
- The legal basis for processing – identify and document.
- Consent – review how you obtain and record consent.
- Children – review consent processes for minors.
- Data breaches – ensure you have processes for detecting and reporting.
- Data protection by design and DPIAs.
- DPOs – appoint one.
- International transfers – ensure you have an appropriate legal basis.
NEED TO KNOW MORE?
If you would like to know more about the finance subject area, please contact the ibd head office on 01223 597 845.
GDPR pages courtesy of Tim Cobley