GDPR: Data protection self-assessment

Use these checklists to assess your compliance with data protection law and find out what you need to do to make sure you are keeping people’s personal data secure.

This self-assessment toolkit has been created with small organisations in mind. It will be most helpful to sole traders or small to medium-sized organisations from the private, public and third sectors.

Good information handling makes good business sense. You’ll enhance your business’s reputation, increase customer and employee confidence, and by making sure personal information is accurate, relevant and safe, save both time and money.

Getting ready for the GDPR

Before undertaking this self-assessment checklist to help your organisation get ready for the GDPR, you should first determine whether your organisation processes personal data as a “data controller” or “data processor”. The definition of these two terms can be found in the Guide to the GDPR.

In some instances, the organisation will process personal information as both a controller and a processor. When this is the case, it is advised you complete both assessments.


Via: Information Commissioner’s Office, licensed under the Open Government Licence.
Via: https://ico.org.uk/for-organisations/resources-and-support/data-protection-self-assessment/


GDPR for the Education Sector: https://ico.org.uk/for-organisations/education/education-gdpr-faqs/

Hits: 39

Leave a Reply