Documentation Helps Avoid GDPR Mistakes Too
Complying with GDPR means documenting data handling processes, proving that these have been put into practice and addressing vulnerabilities swiftly. There are several phases of documentation that may help you avoid data privacy mistakes – with respect to GDPR or any other regulation. Certainly, you’ll start with written policies that are distributed company-wide. Also, map out how data is used within your company and document this too. Use these questions about avoiding GDPR fines to help guide you.
Then, start thinking about how you will demonstrate that these policies and processes have been followed. For instance, if your marketing team sends out a newsletter and a recipient requests data deletion (a right established under GDPR), how is that request captured? How can you show that all necessary deletion efforts have taken place? How can you confirm when they took place? Ticketing and workflow automation streamline this phase of documentation as they gather up requests, move them through pre-defined processes and incorporate a revision history.