Tuesday 28 November 2017

Five steps to being GDPR-ready

25 May 2018 is less than six months away. Karen Janssen, CIO at CTM (Corporate Travel Management), has revealed the five steps you need to take now to ensure you are GDPR ready. 

1               Employee engagement
Make sure the people in your organisation who need to know about GDPR understand that the law is changing and the impact it will have on the company. Assign a Data Protection Officer – someone to take responsibility for data protection compliance.

2               Sort your existing data
Consider an information audit to document what personal data you hold, how you hold it, where it came from and who you share it with.

3               Privacy and procedures
Review your current privacy notices. Check your procedures to ensure they cover individuals’ rights. Look at how you seek, obtain and record consent and whether you need to make any changes.

4               Legal basis for processing personal data
Identify your legal basis for carrying it out data processing and document it.

5               Data breaches
Make sure you have the right procedures in place to detect, report and investigate a personal data breach.

This post was written by Karen Janssen, Chief Information Officer at Corporate Travel Management (CTM), a top ten global TMC exhibiting at the Business Travel Show in February. To register for a free visitor pass and meet up with CTM (stand B620) to discuss GDPR and all of your other travel management needs.  

No comments:

Post a Comment