We’re getting very close to the pointy end of the GDPR compliance deadline with just five short weeks to go. If you haven’t already, now is the time to conduct a full data audit to make yourself 100% satisfied that all data can be clearly seen and checked.
A data audit is incredibly important not just because of the issues with your data it discovers – the audit will also produce comprehensive records and reports which you can use to demonstrate to the ICO that you have done everything in your power to ensure data is obtained and processed safely and legally.
As we all know, things can and will go wrong when it comes to data. However, having robust systems and training in place to help mitigate and prevent any issues spreading goes a long way to proving your compliance with the new rules. A full audit will really allow you to scrutinise these systems and fix any potential gaps.
The audit itself involves asking and answering a series of questions about what data you have.
- What data have you collected?
- Why do you have this data and do you really need to have it?
- Where is it located?
- How is it used and accessed?
- Are the rights of the data subject met?
- How do you protect data?
- Are all staff fully trained in data protection awareness?
- What records and reports do you keep as evidence?
Although relatively straight forward, these questions can take a long time to thoroughly answer – especially when you consider the number of third party suppliers who may hold your data. It can seem incredibly daunting, especially if data compliance has been on your ‘to do’ list for a long time.
To make things easier, GDPRiS currently has over 400 suppliers fully mapped with more on the way, meaning your third party suppliers can be checked for compliance with just a few clicks. If, like most schools, your third party suppliers number in the dozens, this represents a potential time saving of several days.
On top of that, The Internal Audit section within GDPRiS allows your school to fully answer and review each of the above questions throughout the audit and help you take the necessary whole-of-school approach to getting your school GDPR ready.