
GDPR – 12 things you need to do in 12 months

The one-year GDPR countdown has officially started for businesses and organisations that deal with, manage or hold European data. It won’t be long until May 2018 comes around, giving you a tight time frame to get organised for GDPR legislation.

If you haven’t started your GDPR project yet, we know it can be daunting. That’s why we’ve provided our best 12 tips to put into practice over the next 12 months to be fully compliant. Taking it a step at a time will allow you to get on top of your GDPR requirements without the added stress.

May 2017 

Ramp up GDPR awareness to ensure business buy-in  

June 2017 

Appoint your functional area GDPR champions  

July 2017 

Engage key business stakeholders (IT, Legal, HR, Marketing)   

August 2017 

Define your personal data processing activities, both internal and external 

September 2017 

Review your consent mechanisms, policies and transparency notifications  

October 2017 

Identify your high-risk personal data processing activities 

November 2017 

Prioritise and remediate your high-risk personal data processing activities 

December 2017 

Update your data protection policies and privacy notices 

January 2018 

Educate personal data handlers, both internal and external 

February 2018 

Update your procedures for Data Subject request handling 

March 2018 

Put in place a system for privacy breach identification and response  

April 2018 

Establish guidelines for handling personal data transfer requests 

May 2018 

Now you’re ready for GDPR! 

For more information about GDPR and how you can help get your organisation ready for the May 2018 deadline, click here.  
