We have replaced our Getting ready for the GDPR checklist with two new checklists - one for data controllers, and another for data processors.
Before undertaking our self assessment checklist to help your organisation get ready for the GDPR, you should first determine whether your organisation processes personal data as a “data controller” or “data processor”. The definition of these two terms can be found in the Guide to the GDPR.
In some instances, organisation will process personal information as both a controller and a processor. When this is the case, we would advise you complete both assessments.
GDPR checklist for data controllers
Designed to help you, as a data controller, assess your high level compliance with data protection legislation. Includes the new rights of individuals, handling subject access requests, consent, data breaches, and designating a data protection officer, under the upcoming General Data Protection Regulation.