There's a lot of information out there about the new EU General Data Protection Regulation (GDPR). So where can you find the best information about what GDPR means for you?
We asked Qualsys's Business Mentor, Mike Bendall, to share his recommended GDPR resources.
A good place to start is by familiarising yourself with the European Union Data Protection Regulation requirements.
In this Official Journal of the European Union, you will find:
- Why the EU have introduced the regulation
- Details of the requirements for each article
- 88 pages of the requirements.
#2 – GDPR Toolkit
Qualsys provides many free toolkits to help organisations manage their transition into new ISO and compliance standards. In the GDPR toolkit, you will find:
- Step-by-step guides
- Advice from industry experts
- Quiz to get your stakeholders engaged with GDPR
#3 – "EU GDPR: A Pocket Guide" (Alan Calder, Founder & Executive Chair at IT Governance)
Gain a clear understanding of the GDPR with this essential pocket guide, which explains:
- The definitions used within the regulation in simple terms
- The key requirements of the regulation
- Advice on how to comply with the regulation
#4 – "The Missing Piece in the GDPR Puzzle" eBook
This eBook by Collibra details a best-practice approach to data governance:
- Why organisations need robust information management systems
- How data governance is a vitamin for competitive advantage
- 3 building blocks of a data governance business case
#5 – "Why GDPR should be at the top of your agenda" – CIO Trends Report (Computer Weekly)
Computer Weekly has produced a CIO Trends report, which details:
- Why GDPR should be at the top of your agenda
- How to ensure you're compliant
- Insights from thought-leaders
More articles from Computer Weekly you will find useful:
#6 – "What your company should know and start doing now for GDPR" (Pedro Sa, Medium)
This article is very useful for sharing with your team if they're not familiar with some of the terminology used in the standard.
#7 – "How to manage risks and reputation within any data-driven company" – BrightTALK webinar (Ronald van Loon)
In this GDPR webinar, speaker Ronald van Loon discusses how to:
- Maintain client trust with appropriate data management
- Reduce risks and protect your reputation
- Adopt a Protection by Design approach to data
- Implement technical infrastructures to protect and govern client data
- Utilise a data protection officer to define how data is collected and stored
- Handle the various data streams
#8 – "Preparing for EU GDPR" (Alan Calder, Founder & Executive Chair at IT Governance)
This Slideshare by Alan Calder covers:
- An overview of the regulatory landscape and territorial scope
- Principles of the EU GDPR
- Breach notification rules
- Data subject rights
- Changes to consent
- Processor liabilities
- Role of the Data Protection Officer
#9 – GDPR Stakeholder Workshop (Hans Demeyer, Data Protection Office)
In this Slideshare, Demeyer uses "Sophie's Privacy" as a case study to show examples of what can and cannot be done under the new GDPR. There are some useful exercises you can run with your stakeholders to get them to understand their requirements.
#10 – "The EU GDPR and Third Party Risk" (Aravo blog)
Third parties are often the weakest link in a company's data security, and are implicated in about 63% of all data breaches.
In this article, Aravo explains why third parties are an important point of focus for GDPR.
For more information about GDPR, access the GDPR Toolkit.