This self assessment toolkit has been created with small organisations in mind. It will be most helpful to small to medium sized organisations from the private, public and third sectors.
Good information handling makes good business sense. You'll enhance your business's reputation, increase customer and employee confidence, and, by making sure personal information is accurate, relevant and safe, save both time and money.
Use our checklists to assess your compliance with data protection law and find out what you need to do to make sure you are keeping people’s personal data secure. Once you have completed each self assessment checklist, a short report will be created suggesting practical actions you can take and providing links to additional guidance you could read that will help you improve your data protection compliance.
Getting ready for the GDPR
Before undertaking our self assessment checklist to help your organisation get ready for the GDPR, you should first determine whether your organisation processes personal data as a “data controller” or “data processor”. The definition of these two terms can be found in the Guide to the GDPR.
In some instances, an organisation will process personal information as both a controller and a processor. When this is the case, we would advise you to complete both assessments.
GDPR checklist for data controllers
Designed to help you, as a data controller, assess your high-level compliance with data protection legislation. Includes the new rights of individuals, handling subject access requests, consent, data breaches, and designating a data protection officer, under the upcoming General Data Protection Regulation.