Arrange a Consultation

Where Organisations Struggle With GDPR – #1

Jun 15 - Brian Siney

Featured in JEP’s Expert Panel – 15th June 2018


Organisations continue to struggle with the following areas in relation to their GDPR projects:

  • (a) misunderstanding how to create policies and procedures that are suitable for their organisation
  • (b) weak, informal arrangements to manage and deliver effective governance of data protection e.g. no clear line of responsibility, ineffective recording
  • (c) no incident response plan for a data breach or cyber security attack.

Firstly, some organisations think that they should simply buy an “off the shelf” set of policies and procedures for data protection and just insert their organisation’s name at the top of the document. This is a big misunderstanding.

Policies and procedures are best created from the bottom up approach, where you start will your data mapping exercise (what personal data processing do you do, why, how, what data collected etc..), then examine what lawful bases applies to each processing activity, then look at the risk profile of the personal data and then create those policies and procedures which are directly aligned to all of these recorded activities and characteristics.

Policies and procedures must be rooted to your lawful bases review, risk assessment and the underlying data mapping exercise to be effective and accurate.

Continue reading… 

Where Organisations Struggle With GDPR – #2

Where Organisations Struggle With GDPR – #3

Ensure Your Business is GDPR Compliant Today!

Contact me today and arrange a consultation…

Be Secure is a Jersey-based data consultancy business specialising in GDPR data protection, data privacy and cyber security. Leveraging extensive experience of founder Brian Siney, Be Secure offers a unique business focus and perspective for managing GDPR.

Send me a message

Call me on 07797 738743

More from the blog

Back to Blog home