GDPR is a complex, wide-ranging set of rules most organizations doing business with Europe need to follow. It goes deeper than that. California and others are adoptingrules identical to or close to GDPR. While it seems like GDPR is a lot to tackle, with large fines if you fail, you can get started by hitting the top areas first.
Here are ten steps to take – right now!
2. FIND OUT WHERE YOU STAND
Companies are in various states of GDPR compliance, ranging from none at all to complete adherence. Before embarking more deeply on your GDPR journey, find out where you stand right now. What are your policies and practices regarding data governance? Are they presented to the outside world in an open and transparent way?
If there is already data governance documentation, review this and use it as a starting point for further work. Under GDPR, this kind of documentation is mandatory. This is all part of a data protection assessment, which you can learn more about here.