
GDPR – 12 things you need to do in 12 months



The one-year GDPR countdown has officially started for businesses and organisations that deal with, manage or hold European data. It won’t be long until May 2018 comes around, giving you a tight time frame to get organised for GDPR legislation.

If you haven’t started your GDPR project yet, we know it can be daunting. That’s why we’ve provided you with our best 12 tips to put into practice for the next 12 months to be fully compliant. Taking it a step at a time will allow you to get on top of your GDPR requirements without the added stress.  

May 2017 

Ramp up GDPR awareness to ensure business buy-in  

June 2017 

Appoint your functional area GDPR champions  

July 2017 

Engage key business stakeholders (IT, Legal, HR, Marketing)   

August 2017 

Define your personal data processing activities, both internal and external 

September 2017 

Review your consent mechanisms, policies and transparency notifications  

October 2017 

Identify your high-risk personal data processing activities 

November 2017 

Prioritise and remediate your high-risk personal data processing activities 

December 2017 

Update your data protection policies and privacy notices 

January 2018 

Educate personal data handlers, both internal and external 

February 2018 

Update your procedures for Data Subject request handling 

March 2018 

Put in place a system for privacy breach identification and response  

April 2018 

Establish guidelines for handling personal data transfer requests 

May 2018 

Now you’re ready for GDPR! 

For more information about GDPR and how you can help get your organisation ready for the May 2018 deadline, click here.  
