Ohh! very nice
8:22 a.m.
Your business has conducted an information audit to map data flows | |
Your business has documented what personal data you hold, where it came from, who you share it with and what you do with it. | |
Your business has an appropriate data protection policy. | |
Your business has nominated a data protection lead or Data Protection Officer (DPO). | |
Decision makers and key people in your business demonstrate support for data protection legislation and promote a positive culture of data protection compliance across the business. | |
Your business manages information risks in a structured way so that management understands the business impact of personal data related risks and manages them effectively. | |
Your business has implemented appropriate technical and organisational measures to show you have considered and integrated data protection into your processing activities. | |
Your business provides data protection awareness training for all staff. | |
Your business has sought prior written authorisation from the data controller before engaging the services of a sub-processor. | |
If your business operates outside the EU, you have appointed a representative within the EU in writing. | |
Your business has effective processes to identify, report, manage and resolve any personal data breaches. | |
Your business has a process to respond to a data controllers request for information (following an individuals' request to access their personal data). | |
Your business has processes to ensure that the personal data you hold remains accurate and up to date. | |
Your business has a process to routinely and securely dispose of personal data that is no longer required in line with agreed timescales as stated within your contract with the data controller. | |
Your business has procedures to respond to a data controllers’ request to supress the processing of specific personal data. | |
Your business can respond to a request from the data controller for the supply of the personal data you process in an electronic format. | |
Your business has an information security policy supported by appropriate security measures. |
© 2019 The Document Warehouse UK Ltd