1.Attend the SFA conference on 24 May and hear other small businesses share their GDPR journey
For months you have been reading or hearing about what GDPR is and what are the requirements. Join the SFA conference on 24 May and hear others speak about how they have implemented GDPR. John Keyes, the Assistant Data Protection Commissioner, will give a keynote address and in the subsequent panel discussion three small business owners like you will share their experiences of GDPR. The best news is that the conference is FREE to SFA members so don’t miss out, book your place today and get the inside track on GDPR.
2.Download the SFA GDPR guide ‘Mind your business: prepare for GDPR’
Earlier this year the SFA put together a guide on GDPR which offers twelve practical steps along with case studies to help you implement GDPR into your business. The publication is also an invaluable reference tool for ongoing GDPR compliance as each section has a key takeaway and details web links for further information. If you have not already downloaded your copy you can do so by clicking here and refer to it time and time again.
3.Join our GDPR discussion group
We are keenly aware that GDPR does not stop once 25 May passes and that this will be an ongoing compliance issue. Over the next twelve to eighteen months there will be continuous developments such as the finalisation of the Data Protection Bill 2018, updates from the Data Protection Commission and other developments. SFA have created a GDPR discussion group free of charge to SFA members so that we can meet four times a year to keep abreast of GDPR developments and discuss and learn from each other on how we are implementing GDPR. To be added to the discussion group please e-mail Helen at firstname.lastname@example.org.
4.Listen to our webinar on GDPR and record keeping
Not sure how long you should keep personal data for? Then check out our recorded webinar on GDPR and record keeping. It covers record keeping in relation to employee records, health and safety considerations, business considerations and regulatory considerations. You can listen to the webinar here and on that same page you can download our record keeping checklist for HR records.
5.Download our ‘GDPR in Action’ slide deck
Not sure where to start or what to prioritise for your GDPR implementation? A good starting point is our ‘GDPR in Action’ slide deck which has a 15-point action plan that takes you through the basic implementation of GDPR, from assessing your risk right through to preparing for data breaches. If you are concerned that you won’t be GDPR ready by 25 May, use this slide deck to prioritise what you need to do first.
6.Download the Data Protection Commission guidance on implementing your personal data security
The Data Protection Commission put together an excellent, short publication on managing your personal data security. It is specifically aimed at the small business owner and gives guidance on assessing the appropriate level of IT security, ideas for implementing your technical and organisational measures for electronic and physical data as well as some considerations to factor in when outsourcing to data processors. You can download this and many other excellent resources at http://gdprandyou.ie/resources/
7.Read our past GDPR articles
Since January we have been sharing a GDPR tip through our weekly e-zine including topics such as privacy statements and what is needed, managing and preparing for data breaches, data access requests, the difference between personal and sensitive data, the legal bases for retaining data, whether you need a Data Protection Officer and much more. If you missed out on any of these articles check out our archive section here.
8.Using a cloud-based solution service?
The Data Protection Commission gives five key steps businesses should take to ensure the cloud-based solution they use is secure. You can get more information on this here.
9.Download the Data Protection Comission guidance on data controller to data processor contracts
The DPC has JUST released an excellent guidance document on what needs to be included in a legally binding contract between a data controller and a data processor, go to http://gdprandyou.ie/resources/ for your copy
10.Attend the SFA conference on 24 May
This is another reminder to join us on the eve of GDPR for the SFA Annual Conference on 24 May in the O’Reilly Science Centre, UCD. Book book here to secure your place today