First steps to a GDPR audit
All businesses have customer data. It’s on paper, in drawers, on USB drives, on personal devices, in websites, mailing lists or networks and in the cloud. It’s everywhere. Do you really understand what you have and what your responsibilities are?
There’s no “kitemark” for data processing and storage, but a responsible attitude starts with understanding what you have, where it is and what it’s used for. That’s your responsibility and we’ll help you get some clarity and build trust with your customers by conducting the first steps of a GDPR audit.
Objectives for the Data Audit Workshop
During this 2 hour session, we’ll explore the kinds of customer data you have including special category data, list all the places this data is stored and clarify your position on legitimate use.
At the end of the session we’ll role play a Subject Access Request to challenge what we’ve learned.
Who should attend a GDPR Audit Workshop
The workshop runs for about 2 hours, can be done online or in person and is designed for groups of 2-4 people which can include:
- Business owners
- Operation managers
The Data Audit Workshop deliverables include:
- A compliant data and privacy statement for public use
- Clarity on your personal data risk
- A retention and deletion strategy
- A list of data storage places for future reference
- Provide recommendations for larger businesses who may need a Data Protection Officer