The GDPR Project Plan

  • Have we put a project plan together to ensure compliance?

 

  • Have we secured buy-in at executive level to ensure we have the required resources and budget on hand to move the project forward?

 

  • Do we require a Data Privacy Impact Assessment?

 

  • Do we need to hire a Data Privacy Officer?

 

  • Are we implementing a policy of ‘Data Protection by Design and Default’ to ensure we’re systematically considering the potential impact that a project or initiative might have on the privacy of individuals?

 

  • Have we considered how we handle employee data in our plan?