Getting Started with GDPR Centre

GDPR stands for General Data Protection Regulation. The GDPR effectively replaced the Data Protection Act (1998) as of 25 May 2018.

The GDPR sets out guidelines for managing personally identifiable information. It applies to data ‘controllers’ and ‘processors’ and is entirely based on ‘principles’ not ‘rules’ - aspiring to a set of broad goals and standards, rather than specific adherence to stipulated laws.

GDPR Centre contains several areas that allow you to manage your data protection obligations.

Step 1 - Process Checklists

Use Process Checklists to prompt consideration of the matters raised in your practice.

1. Select the required template provided and click Create Review Point.
2. Click Open Checklist.
3. The next few pages will ask you questions about your high level compliance with data protection legislation as a controller of data:

• Lawfulness, fairness and transparency
• Individuals' rights
• Accountability and governance
• Data security, international transfers and breaches

3. Click Review to log Who reviewed this checklist and the Date of review.
4. Click Check & Finish to validate your entries.
5. Click Summary to review the GDPR Checklist summary report.

Step 2 - Data Activity Registers

Use Data Activity Registers to keep track of all your personal data activities in easily actionable sections.

1. Select the required template provided and click Create Review Point.
2. The review point will then show under the template heading. Click Open Register.
3. Work through the form filling in all necessary data
4. Click Review to log Who reviewed this register and the Date of review.
5. Click Check & Finish to validate your entries.
6. Click Summary to review the Data Activity Register summary report.

Step 3 - Risk Assessments

Use Risk Assessments to identify and assess scenarios that carry a risk. You can record the potential impact of each scenario and define your plan of action.

1. Select the required template and click Create Risk Assessment.
2. The Risk Assessment will then show under the template heading. Click Open Risk Assessment. 
3. Work through the form filling in all necessary data
4. Click Review to log Who reviewed this Risk Assessment and the Date of review.
5. Click Check & Finish to validate your entries.
6. Click Summary to review the Risk Assessment Scenario summary report.

STEP 4 - Data Breaches

Use Data Breaches to record whenever there is a real or suspected breach of data.

1. If you have identified a data breach or have suspicions of a data break, click Record Breach. 
2. Work through the form filling out the necessary information. 
3. Click Resolution to log Who the report is assigned to, Steps being taken and Status and date resolved of the report .
4. Click Check & Finish to validate your entries.
5. Click Summary to review the Data Breach summary report.

STEP 5 - Data Subject Access Request (DSAR)

Use Data Subject Access Request (DSAR) to create subject access requests when requested and track the progress of the request.

1. Select Create DSAR.
2. Work through the form filling out the necessary information.
3. Click Progress Tracking to update and record the status DSAR
4. Within Progress Tracking you can Create Task to assign the DSAR to a member of staff. 
5. Click Check & Finish to validate your entries.
6. Click Summary to review the DSAR summary report.