Compliance Playbook - GDPR Readiness and Compliance
A comprehensive GDPR framework with five phases to help achieve GDPR readiness and maintain on-going compliance:
- Set-up: Get set up for an organization-wide GDPR Readiness & on-going compliance project.
- Discover: Discover the current state of personal data processing within your organization.
- Plan: Plan to drive the organization towards full GDPR compliance.
- Protect: Protect all identified personal data.
- Enhance: Enhance your compliance program through ongoing privacy assessments.
Demonstrating compliance to Regulators is a fundamental pillar of GDPR, and organizations need to be ready to report on their compliance efforts and to provide on-demand explanations of their privacy program, including procedures and the underlying decisions.
The goal of the GDPR framework is to help companies manage security and privacy effectively in order for them to demonstrate compliance with GDPR and reduce the potential exposure to fines. The playbook will guide you across your GDPR journey – from readiness to on-going compliance.
Set your company apart from the competition using Midaxo and the dedicated GDPR Readiness and Compliance Playbook. It is designed and updated by GDPR experts to ensure you are aware of the latest changes to regulations, etc.
By using Midaxo to manage GDPR readiness and on-going compliance, you can gain increased transparency and control over your data, positioning your company to realise efficiencies, identify opportunities, drive innovation and reduce the risk of fines.
Project set-up: Covers allocating roles to those to be involved in GDPR efforts – such as a data protection officer – training and establishing the rights of data subjects, etc.
Discover: The Discover Stage of assessment/audit is centered around discovery and more in-depth gap analysis. This stage is one of discovering and mapping anything that is relevant within the scope of the GDPR. An organization will need to gain insights into current practices on various levels, such as audit capabilities/methods, where data sits (data discovery), which processes are involved, how data is processed, how privacy and security practices function, who is responsible and accountable today, what kinds of systems, networks and databases come into the equation, etc.
Plan: The Plan Stage is about preparing for the GDPR actions to be taken (as identified in the Discover Stage). Once an organization knows where the gaps are, it’s time to get strategic and plan what needs to be done to close the gaps and address any other areas which have been identified.
Protect: The Protect Stage is centered around taking action and implementing the measures that have been planned for (see Plan Stage). These include executing & monitoring relevant business processes, managing consent and data subject access rights, etc. and delivering in-depth training.
Enhance: The Enhance Stage is centered around managing/evaluating and improving/adapting. Once plans are implemented, the work is not done - there will always be a need to improve and adapt. Activity: monitor, assess, audit, report and evaluate adherence to GDPR standards. Outcome: ongoing monitoring and reporting.
Contains 48 documents, including checklists, schedules, sample templates, forms and data registers.
*Note: The GDPR and Compliance Playbook is available to Midaxo customers at an additional cost.