Gdpr compliance checklist
This gdpr compliance checklist was converted using iauditor. performing a compliance check can help you mitigate exposure to regulatory penalties. use this checklist as a guide to comply with the basic gdpr regulations.
What does this form include?
This form contains 5 sections:
Lawful basis and transparency
- Conducted an information audit to determine what information you process and who has access to it
- Have a legal justification for data processing activities (refer to article 6)
- Provided clear information about data processing and legal justification in the organization's privacy policy
Data Security
- Follows the principles of "data protection by design and by default"
- Implements encryptions such as pseudonymination, anonymation and etc.
- Created an internal policy for team members that builds awareness on data protection (i.e., knowledge on email security, passwords, two-factor authentication, device encryption, and VPNs)
- Have a data protection impact assessment scheduled and a process in place to carry it out
- Have a process in place to notify the authorities and data subjects in the event of a data breach
Accountability and governance
- Anointed personnel to ensure GDPR compliance across the organization
- Signed data processing agreements between the organization and third-party services that handle personal data on your behalf
- Appointed a Data Protection Officer (if necessary)
Privacy rights
- It's easy for customers to request and receive all the information you have about them
- It's easy for customers to correct or update inaccurate or incomplete information
- It's easy for customers to request their personal data to be deleted
- It's easy for customers to ask you to stop processing their data
Data Controller's Signature
Use this template