GDPR Procedures for IT Systems

The changes brought about by GDPR can be overwhelming especially for smaller businesses. It is important however to get to a place as a business where you are able to demonstrate GDPR compliance.

The ICO can impose substantial financial penalties (fines of up to 20million Euros/2-4% of your annual turnover) but also issue warnings and reprimands, impose temporary or permanent ban on data processing, order the rectification, restriction or erasure of data and supspending data transfers

Bespoke Training and Consultancy for
GDPR Procedures for IT Systems

Bespoke training courses for GDPR Procedures for IT Systems are designed according to the systems implemented and the type of data that is being stored and processed and for what purpose. Courses are effectively broken down into units according to skill level and user roles.

Below are just some of the units which may be included:

• appointing a data protection officer
• adopting and implementing data protection policies both online and offline
• the rights of data subjects
• taking a ‘data protection by design and default’ approach
• putting written contracts in place with organisations for whom you store and process personal data
• maintaining documentation electronically of your processing activities
• Personal Information Management Systems (PIMS)
• implementing appropriate security measures within IT systems
• testing for software vulnerabilities and processes for rectifying
• dealing with third parties and data in the Cloud
• recording and, where necessary, reporting data breaches
• carrying out data protection impact assessments for uses of personal data that are likely to result in high risk to individuals’ interests
• adhering to relevant codes of conduct and signing up to certification schemes

These courses can be delivered in our training suite or on your company premises at your convenience, tailored to focus on specific areas of data collection and processing policies.