Taking a proactive and consistent approach to your data compliance routines ensures you’re keeping a handle on the data you hold throughout the year. Below are our thoughts on the key building blocks for your audit routine.
Accountability – having someone in the business accountable for data protection will help to drive audit routines and build a culture conscious about data compliance.
Personal data register (PDR) – a requirement if you have over 250 employees, but highly recommended if you don’t! A well-maintained PDR will underpin your audit routines giving you a clear picture of all the data you hold and what you do with it. We’ve got a PDR template in our Data Protection Toolkit – find out how to access.
System security – employees should only have access to personal data necessary to fulfil the requirements of their role. Regular reviews of the safeguards you have in place will reduce the risk of unauthorised access and highlight where extra security measures might be required.
Third-party processors – review any agreements you have in place to ensure they’re up to date and still relevant.
We’ll provide pt.2 of our audit routine building blocks next week. Get in touch if you’d like to access our Data Protection Toolkit or need support carrying out an audit of your data protection practices.