Do you need an external data protection officer?
Checklist data protection
- Do you work with personal data?
- Are more than nine people constantly involved in the processing of personal data?
- Do you work with particularly sensitive data?
- Do you transmit to third parties?
- Are customers and employees consistently informed about the nature and purpose of data use?
- Have these individuals signed the appropriate verification?
- Is it possible to inspect files (tidy archive)?
- Are deletion and retention periods observed?
- Are all IT applications sufficiently and comprehensively protected?
- Are there special access rights for supervisors and employees?
- Is there a concept with passwords and access rights?
- How are data breaches and losses reported?
- Are data carriers/files/documents containing personal data stored securely?
- Are employees adequately trained?
- Have they consented to the use of your data?
- Do you already have an internal data protection officer?
- Is this person knowledgeable and can answer questions about the GDPR completely and quickly?
- Is the implementation of the new regulations in the company regularly monitored?
- Have there been any data protection mishaps before?
This checklist provides some information that should be relevant to you as a business owner.
If you have given little or no thought to the topic of data protection, you should start now.