GDPR Compliance Checklist: Complete by May 25, 2018
The GDPR (General Data Protection Regulation) standardizes data protection across Europe, in order to protect the data of private citizens, and regulate the way organizations manage data privacy. To be in compliant, please have your organization complete this checklist by May 25, 2018.

-
Required by GDPR
-
Update your Terms of Service and Privacy Policy to include all updates, what data is being processed and why.
-
Email and alert your entire email list about all updates and changes to Terms of Service and Privacy Policy.
-
Implement a data processing consent form that is clearly written. This should not be hidden or buried in the terms or privacy policy form.
-
Implement a clear form or process for a subject to opt-in or opt-out of having their data processed.
-
Upon request, implement a process to delete a subject's personal data
-
Implement a process to immediately delete a subject's data when the data has no further use.
-
Upon request, be able to provide the subject's data in a "commonly use and machine readable format".
-
Upon request, be able to provide a subject's data to a 3rd party.
-
Implement a process to ask for parental consent when processing the data of a 16 year old, or younger, data.
-
Appoint a Data Protection Officer (DPO) if your company is: "(a) public authorities, (b) organizations that engage in large scale systematic monitoring, or (c) organizations that engage in large scale processing of sensitive personal data."
-
Have a plan to alert the Data Protection Agency (DPA), and all affected individuals, within 72 hours of a data breach.
-
Recommended, but not required by GDPR
-
Review and adhere to the Official GDPR Website: https://www.eugdpr.org
-
Designate an appropriate person to bring your company into GDPR compliance.
-
Add a double opt-in email sign up (recommended, but not required by GDPR.
-
Anonymize your Google Analytics account.
-
Notify and train all employees to be aware of and adhere to the GDPR.
-
Add an unchecked consent box to all sign up forms.
-
Post a blog article about all GDRP updates your company is implmenting.