Assessment

The General Data Protection Regulation (GDPR) deadline is on May 25, 2018. GDPR will significantly alter the way businesses design, manage, store, and protect data. Tier4 Advisors supports GDPR compliance readiness. We invite you to take 5 minutes to answer the questions in Tier4's GDPR Applicability Checklist to determine if GDPR applies to your business.

* 1. Do you have customers who are European Union (EU) citizens, and do you collect or store their personal information?

* 2. Do you have any Group Companies located outside the EU that collect EU citizens' data?

* 3. Do you have a fully compliant GDPR-friendly Privacy Policy?

* 4. Do you have a training program for data management on GDPR?

* 5. If you were asked, would you know what lawful basis you have for collecting and processing personal data?

* 6. Is profiling or other processing based on explicit consent?

* 7. Do your staff handbook and employment contract contain up-to-date GDPR references?

* 8. If you engage with third-party suppliers, do you know if they are complying with GDPR?

* 9. Do you know who stores your data and whether they themselves are GDPR compliant?

* 10. Do you fully understand the rights of your data subjects?

* 11. Do you know what to do if you receive a data subject request?

* 12. Is the data available on your data subjects easily accessible to them?

* 13. Do you tell them that they are able to erase their data from your systems?

* 14. Are you able to easily rectify data?

* 15. Are individuals aware they have a right to object to certain kinds of processing of their data?

* 16. Do individuals give you consent to profile them?

* 17. Is the data processed for 'specified, explicit and legitimate purposes'?

* 18. Is personal data used in an 'adequate, relevant and limited' manner?

* 19. Is your data accurate and kept up to date?

* 20. Are you able to restrict processing of all or part of a data subject’s data?

* 21. Are your systems that handle data secure?

* 22. Do you fully understand how your organization manages its records?

* 23. Do you have somebody who is responsible for ensuring you are fully GDPR compliant?

* 24. Do you know what to do if you had a data breach?

* 25. Have you ever had a Privacy Impact Assessment?

* 26. Does your organization have a data security policy?

* 27. Can you identify whether systems in scope of GDPR are affected in a breach?

* 28. If a data breach occurs, can you demonstrate that appropriate security controls were in place?

* 29. If need be, do you have a reliable mechanism to contact affected customers?

* 30. Please provide us with your contact information.
