GDPR readiness depends on knowing your obligations, and applying best practice to achieve compliance. In this section of the site, we have collated the most useful information available for businesses seeking to comply with the EU General Data Protection Regulation (GDPR).
GDPR Theory and policy
To approach GDPR compliance, you need to understand fundamental concepts of data protection practice. These include definitions, your obligations as a data controller, and how the legislation will affect you. The resources below can help you to understand the legislation, and frame effective policies to comply.
- Data Protection Officer: Do You Need One?
- Do Sole Traders Need a Data Protection Plan?
- Personal Data: What Is it?
- The EU GDPR – Are Organisations Ready?
- The EU General Data Protection Regulation and Paper Records
- When Should you Shred Documents?
- Your Document Retention Policy: Where to Start
Data Protection Practice
Having a policy is one thing – putting it into practice is another. The resources below can help you to achieve compliance across your organisation, and tackle tricky issues such as staff training, access requests and more.
- Data Breach Risks: Five things to Watch Out For
- Data Collection Best Practice: The Basics
- Data Protection Compliance Checklist
- Data Protection in the Office – 4 Pillars of Better Practice
- Data Protection Training: What to Teach Every Employee
- Handling Data Access Requests
- Hard copy files: How to Track Access
- Keep, Scan, Store, or Shred? Free Document Management Flowchart
- Third-Party Data Processors: Best Practice
- What to do After a Data Breach
Managing Director John McEntagart is writing a regular series of blogs on LinkedIn. These include analysis of the legislation, a step-by-step compliance guide, and case studies highlighting good or bad data protection practice.
- GDPR Preparation: Part 1
- GDPR Preparation Part 2: A Data Protection Officer
- Putting EU Law Into Practice: The Data Protection Bill 2017
External sites
We are also keeping an eye out for other organisations offering useful advice on the legislation. You can view some of these below.
- dataprotection.ie – The official site of the Irish Data Protection commissioner
- gdprandyou.ie – The Irish Data Protection Commissioner’s site for individuals and organisations seeking to understand the GDPR
- gdpr-info.eu – The final text of the GDPR, neatly arranged
