GDPR Process - Procedures - Methodology - Examples
Using Method Grid we’ve created a simple to follow example GDPR process and procedure grid. This grid lays out a complete end-to-end GDPR methodology for auditing your organization and documenting your GDPR process.
Who might this be useful for?
The General Data Protection Regulation (GDPR) concerning data protection and privacy is relevant to all organizations working within/to the European Union and the European Economic Area.
How is it best used?
This grid can serve as a reference home for an organisation’s set of documented GDPR processes and records – as used to provide staff with an easy-to-access reference site (to facilitate consistent GDPR-compliant practices) and so that any audit sees a structured, end-to-end system in place.
With this grid (tailored to your specifics – and regularly updated), if you get a GDPR question from a customer – or a request from your lead data protection supervisory authority – you, and your team, can deal with it in minutes.
What does it consist of?
This grid lays out a complete end-to-end GDPR methodology for:
Auditing your business for GDPR compliance – questions to ask and information to capture
Capturing and storing the personal data you process
Documenting the purpose of this data and your legal basis for processing it
Auditing and documenting where you hold this data – internal and external data processors
Noting who controls this data – internal and external data controllers
Creating a central library for all your GDPR legal documentation and compliance
Keeping a record of how and when you get consent for your personal data processing
Providing a central repository for all your GDPR related processes and procedures – data protection officers, data breach process, subject access requests etc.
Noting your international obligations for the processing of EU personal data – who processes your data, where it’s kept and your relevant data processing agreements
Not only does this GDPR process grid give you all that, but using the power of Method Grid everything is interlinked to create a simple flow of information for you and your staff – allowing you to:
Link personal data types to the relevant data processors
Easily lookup a data processors’ current legal status with you and your business
Quickly and easily handle data access requests
Link your staff members and internal experts to any element of your GDPR process quickly and easily
Have your complete process documented, easily accessible to your staff and constantly evolving with your business. Get a GDPR question from a customer or a request from your lead data protection supervisory authority and you and your team can deal with it in minutes.
Method Grid is the perfect solution for small teams!
Method Grid has been a real game changer for us at Footdown. For years we struggled to find a common way of keeping everyone on the same page, following a process and ensuring all information was in the right place and easy to update. Method Grid has taken all that pain away and better still within as little as a couple of hours we had our first grids built, our data in it and people actively using it. Its simplicity makes it a must have for any business these days, I couldn’t recommend it highly enough.
Matt Jenkins Head of Consulting, Footdown
We have found Method Grid to be an excellent tool for documenting both client facing propositions and internal processes and procedures.
Mike Hampson MD, Bishopsgate Financial
GRIDtalk: Lessons Learned 2.0 - Industry Collaboration • 30th November 1pm