Skip to main content

Workplace Data Privacy Audits

The General Data Protection Regulations place greater emphasis on the documentation that data controllers must keep to demonstrate compliance. Businesses need to be clearer and more transparent about what data they process and how. The rules around this are changing and the consequences for getting it wrong are far greater.

The first step in getting to grips with this will be a data protection audit to understand where you might need to improve to comply with the GDPR.

The audit is tailored to your particular requirements, but will usually involve looking at the following:

  • Are relevant and appropriate data protection policies and procedures in place
  • What categories of data are processed by the organisation
  • Whether privacy impact assessments will be needed for specific ‘high risk’ areas
  • What Privacy Notices are in place
  • Comprehension of data protection responsibility, knowledge and training
  • How the organisation would deal with data subjects’ rights
  • Practices surrounding data accuracy and retention
  • Security of personal data
  • The legal basis for cross border data transfers, if applicable
  • Data sharing with third parties

We can then help you assess where improvements need to be made or gaps need to be filled in order to be compliant with the GDPR.

For more information see our Data Privacy Audit brochure.

Related items

Related services

Cookie consent is a box-ticking exercise after all!

16 October 2019

The European Court of Justice (ECJ) has provided welcome clarity on the consent requirements around the use of cookies by website operators. As if it were ever in doubt, pre-ticked boxes cannot be used as a means of obtaining a website user’s consent to the use of cookies.

International data transfers - are model clauses now under threat?

05 October 2017

Many of you will remember Max Schrems, the Austrian law student who in 2015 successfully brought a case to the European Court of Justice (“ECJ”) that resulted in the “safe harbor” - the agreement that allowed the transfer of EU citizens’ data to the US - being declared invalid.

Data Academy - FULLY BOOKED

26 September 2017

This is a half day data conference comprising interactive sessions, speakers from Lewis Silkin, Accenture and industry specialists.

Back To Top