We would like to ask you a few questions with which we always begin an audit of an organisation's procedures for compliance with the GDPR guidelines. Answer them, and we will assess the risk of non-compliance with the requirements of the regulation.

1. Did you carry out an audit of the existing personal data security measures before 25 May 2018?
2. Have you conducted an analysis of the need to appoint a Data Protection Officer in your company?
3. Do you have documented rules of personal data processing in order to be able to comply with the principle of accountability?
4. Have you adjusted the data processing consent clauses and information obligations towards the persons whose data you process to the new regulations?
5. Do you keep a register of processing activities and a register of categories of processing activities meeting the requirements?
6. Have you determined how to proceed in the event of a data security incident?
7. Do you know your obligations related to reporting incidents to the President of the Personal Data Protection Office?
8. Have you authorised your employees to process personal data and have you collected confidentiality statements from them?
9. Have you entered into appropriate outsourcing agreements with all subcontractors to whom you outsource personal data?
10. Have you trained your employees in the field of personal data security?
11. Are you ready to carry out a periodic review of existing data security measures?
12. Are you ready for a personal data security audit by your customer?
13. Is your IT system ready for the “right to be forgotten” (deletion of personal data on request)?
14. Does your IT system, in which personal data are processed, force an automatic change of passwords, e.g. once every 30 days?
15. Do you know how long recordings of your CCTV system (camera monitoring) are stored?
16. Does each of your systems have data protection safeguards enabled by default?
17. Are you sure that your smartphone/laptop with configured e-mail access has adequate data protection safeguards in place?

The survey results will be sent to your e-mail address. Leave us your e-mail address, and we will contact you and tell you whether you need support with the GDPR, and what kind!


 

Please note that RK RODO sp. z o.o., with headquarters in Warsaw, Pl. Koneser 10a, 03-736 Warsaw, becomes the administrator of the personal data left in this form. Detailed information on the purposes of data processing and your rights can be obtained HERE or at rodo@rklegal.pl.

Name
Company name
Email