Compliance with the European Union’s General Data Protection Regulation (GDPR) is here. Are you confident that you understand the requirements and that you are able to execute on them?
Associations need to take the appropriate steps to protect the rights of the people whose personal data they have collected. Personal data can mean any information that can directly or indirectly identify a natural person, including e-mail addresses, user IDs, and IP addresses.
To help you reduce the risk of GDPR compliance fines and ensure that you are taking the appropriate steps to protect personal data, we suggest these 7 steps for Association GDPR Alignment:
1. Create a training and communication plan
2. Implement Data Governance framework and policy
3. Review and update privacy statement and consent agreements
4. Implement process to maintain catalog of Personal Information storage and processing
5. Conduct risk assessment and remediation plan
6. Define process to handle requests for deletion, access, etc.
7. Assess ability to detect and report a data privacy breach