GDPR Implementation (935_18)

Request

Under the terms of the freedom of information act can I respectfully request information in regard to your preparation and understanding of GDPR compliance.

 Questions for GDPR FOI 2018

How would you describe your GDPR preparedness?

  • Already Compliant.
  • On target to be compliant by May 25th, 2018.
  • Project underway but suffering difficulties.
  • Barely Started.
  • Haven¿t started.

Have you identified all your data processing partners?

  • Yes
  • No
  • Unsure

Do you have contracts in place with all your data processing partners?

  • Yes
  • No
  • Unsure

Do you use a third party to provide data erasure or destruction services on your end of life IT infrastructure?

  • Yes
  • No
  • Unsure

If you use a third party, do you have a contract in place with them?

  • Yes
  • No
  • Unsure

How have you assessed “sufficient guarantees” from this company? (Please tick all that apply)

  • In writing from them.
  • Via Contract Terms.
  • Relevant accreditation.
  • Independent Assessment / audit.

Does this contract include clarification on process for dealing with: (Please tick all that apply)?

  • Breach Notification?
  • Subject Access Requests
  • Changes in processing activities which require a DPIA.

8. If you use a third party what is their name?

9.How regularly do you or an independent third party, audit this company?

  • Never
  • Every 6 months
  • Every 12 months
  • Irregularly but over 12 months
  • Unsure

Response

Please find attached our response.

Attachments

935_attachment_1

Bookmark the permalink.

Comments are closed