Skip to main content

How do I prepare for GDPR compliance?

1. Refresh your knowlege of the Information Security Framework

2. Understand what data you have and why you have it

3. Don't retain data unnecessarily. Delete or destroy data you don't need, including paper based documents. If there is a requirement to retain the data, ensure you follow the Records Management policy and associated Records Retention Schedule

4. Familiarise yourself with the different classifications of data and how the data should be handled. The greater the level of classification, the higher the risk and more stringent controls for handling the data

5. We need to know about any data breaches. Report them to:

6. Be aware of the basics of current data protection legislation and the forthcoming GDPR

7. Regularly check the GDPR webpage for updates

8. Contact the GDPR Project team if you have any questions: