GDPR Compliance Journey - 19 Review and Wrap up

Gydeline
21 May 2018 05:11

Summary

TL;DR: In the final part of the GDPR compliance journey, Mike Savile reviews the organization's progress, revealing that it is 88% compliant, with most remaining effort focused on enhancing security measures such as firewalls and user accounts. Savile emphasizes the importance of a culture of compliance, ongoing documentation, and continuous improvement to remain GDPR ready, and advises that organizations should embed data protection by design into their operations and maintain vigilance beyond initial compliance. The series concludes with encouragement to adopt these practices for successful compliance.

Takeaways

  • 🚀 We are 88% compliant with GDPR and Cyber Essentials.
  • 🔍 We have minor tasks remaining to improve our security and achieve full compliance.
  • 🛡️ Key areas for improvement include firewalls, user accounts, and device access.
  • 📋 Our action list is short, mainly involving firewall rules, anti-malware, access rights, and autorun.
  • 📜 We can access the full text of GDPR to review compliance with specific articles like data protection by design and default.
  • 👍 We consider ourselves GDPR ready rather than just compliant, staying updated with new guidance.
  • 🏢 Embedding a culture of compliance in the organization is crucial.
  • 📝 Documenting everything is essential for proving compliance efforts.
  • 🔄 Compliance is an ongoing activity; we must continue our efforts even after the bulk of the work is done.
  • 💬 Feedback and comments on the series are appreciated, aiming to make compliance simpler.

Q & A

  • Who is the speaker in the video script?

    -The speaker is Mike Savile.

  • What is the main topic of the video script?

    -The main topic is the journey towards achieving compliance with the General Data Protection Regulation (GDPR) and Cyber Essentials.

  • What percentage of compliance is the speaker's organization at according to the guidelines software?

    -The organization is at 88% compliance according to the guidelines software.

  • What does the speaker suggest is the key to achieving GDPR compliance?

    -The speaker suggests that having a culture of compliance embedded in the organization is key to achieving GDPR compliance.

  • What is the speaker's view on the organization's readiness for GDPR?

    -The speaker believes that the organization is not just compliant but ready for GDPR, as they are actively working on continuous compliance.

  • What areas does the script mention as needing improvement to achieve full compliance?

    -The areas needing improvement include firewalls, user accounts and devices, access, and anti-malware.

  • What is the significance of Article 25 in the context of the script?

    -Article 25 of the GDPR focuses on data protection by design and by default, which is a principle the speaker's organization aims to adhere to.

  • What is the speaker's advice for other organizations on their compliance journey?

    -The speaker advises other organizations to establish a culture of compliance, document everything thoroughly, and treat compliance as an ongoing activity.

  • What does the speaker mean by 'data protection by design and default'?

    -It refers to the GDPR principle that requires organizations to consider data protection from the outset of designing systems, rather than as an add-on.

  • What is the final message the speaker conveys to the audience?

    -The final message is that compliance is an ongoing process and organizations should strive to be 'GDPR ready' rather than just 'GDPR compliant'.

  • How does the speaker describe the current state of their action list?

    -The speaker describes the action list as very short, indicating that there are only a few minor tasks left to complete for full compliance.
