What do you have to do for GDPR?
Author Gary Hibberd
On May 25th 2018 something monumental happens. The current Data Protection Act is repealed and a new regulation comes into force: the General Data Protection Regulation (GDPR).
People often ask us, "What do we need to do for GDPR?" Here is our simple guide to what to do to be GDPR compliant.
What you need to do
Start planning for the changes that are coming. Do not wait for 2018, as by then it will be too late. Agenci are helping a number of businesses prepare for the changes, and you need to be proactive about them too.
Here are our 10 steps to successfully prepare for the GDPR:
1. Assign a project leader
2. Raise understanding of GDPR to the board and senior management
3. Assess your readiness for the new GDPR by performing a Gap Analysis
4. Set up a project and develop your project plan
5. Conduct a Data Flow map of personal information
6. Develop a Data Inventory: what, where, who, why, when and how data is held
7. Agree what your organisation will class as personally identifiable information that you hold
8. Implement an information security management system such as ISO 27001
9. Develop your security incident plans to include data breach processes
10. Assign someone to be your ‘Data Protection Officer’ (a critical role now required)
These steps are the ‘headlines’, and over the next 12 months Agenci will explore each of these in much greater detail through a series of blogs, papers, webinars and events that will ensure you understand what needs to be done.