How to prepare for GDPR

In our last blog we discussed about What Is GDPR & Why Should Your Business Care ?

https://blogs.sap.com/2017/10/02/what-is-gdpr-and-why-should-your-business-should-care/#

In this blog we will discuss

How to prepare for GDPR

Step #1 In preparation for GDPR it is important to work on idenfiying some of the key aspect of sensitive data

• What personal data you have in your landscape ?
• Where is the personal data stored inside the Organization ?
• Who is accessing the sensitive data ?
• How are they processing the sensitive data ?

Step #2 Once you have done your homework on sensitive data, please follow the next steps below

• Document what personal information is held, where it came from and with whom it is shared (3^rd Party)
• Ensure key departments are aware that the law is changing, and to anticipate the impact of GDPR.
• Review current privacy notices and prepare any necessary changes.
• Identify and document the legal basis for each type of data processing activity.
• Review procedures to address the new rights that individuals will have
• Review how consent is sought, obtained and recorded.
• Make sure procedures are in place to detect, report and investigate data breaches.
• Plan how to handle requests within the new time frames (72 hours) and provide the required information.
• Designate a Data Protection Officer to take responsibility for data protection compliance.