GDPR Compliance Checklist: Complete by May 25, 2018

The GDPR (General Data Protection Regulation) standardizes data protection across Europe in order to protect the data of private citizens and regulate the way organizations manage data privacy. To be compliant, please have your organization complete this checklist by May 25, 2018.

  • Required by GDPR

  • Update your Terms of Service and Privacy Policy to include all updates, what data is being processed and why.

  • Email and alert your entire email list about all updates and changes to Terms of Service and Privacy Policy.

  • Implement a data processing consent form that is clearly written. This should not be hidden or buried in the terms or privacy policy form.

  • Implement a clear form or process for a subject to opt-in or opt-out of having their data processed.

  • Implement a process to delete a subject's personal data upon request.

  • Implement a process to immediately delete a subject's data when the data has no further use.

  • Upon request, be able to provide the subject's data in a "commonly used and machine readable format".

  • Upon request, be able to provide a subject's data to a 3rd party.

  • Implement a process to ask for parental consent when processing the data of a subject who is 16 years old or younger.

  • Appoint a Data Protection Officer (DPO) if your company is: "(a) public authorities, (b) organizations that engage in large scale systematic monitoring, or (c) organizations that engage in large scale processing of sensitive personal data."

  • Have a plan to alert the Data Protection Agency (DPA), and all affected individuals, within 72 hours of a data breach.

  • Recommended, but not required by GDPR

  • Review and adhere to the Official GDPR Website: https://www.eugdpr.org 

  • Designate an appropriate person to bring your company into GDPR compliance.

  • Add a double opt-in email sign up (recommended, but not required by GDPR).

  • Anonymize your Google Analytics account. 

  • Notify and train all employees to be aware of and adhere to the GDPR.

  • Add an unchecked consent box to all sign up forms. 

  • Post a blog article about all GDPR updates your company is implementing.

This checklist was created by listladder
