A Toolkit is available on the website which will assist organisations in reviewing compliance with the current legislation and inform preparation for compliance with the GDPR.
However, businesses on the Island subject to the GDPR should look firstly to guidance and advice from the European Data Protection Board (currently known as the Article 29 Working Party) and then to guidance issued by the supervisory authority in the relevant EU Member State (i.e. where goods and services are primarily offered).
The European Data Protection Board/EU Article 29 Working Party
These legal guidelines should be the first resources to consider for any compliance or interpretative considerations.
The guidelines issued to date cover:
- data portability
- data protection officers
- lead supervisory authority
- data protection impact assessments
The UK Information Commissioner
Several resources are available to assist compliance, including:
- a dedicated section of its website
- privacy impact assessment code of practice
- anonymisation code of practice
- privacy notices code of practice
- data protection self-assessment tool for small and medium sized enterprises
- encryption guidance
The Irish Data Protection Commissioner
An introductory document has been released for organisations to help them in preparing for GDPR. “The GDPR and You” lists 12 steps which organisations should be taking to be GDPR ready by 25 May 2018.
- The European Commission "Data protection - Better rules for small business"
- The New Zealand Information Commissioner has published guidance on privacy impact assessments.
- Other resources are available including guidance and advice from law firms such as Bird & Bird, Hunton & Williams, Eversheds, 11KBW, Hogan Lovells, DLAPiper microsite, the IAPP and many others.
- The GDPR - Steps towards compliance
- GDPR Toolkit: Part 1: Know Your Data: Mapping the 5 W's
- Know Your Data - Mapping Pages
- GDPR Toolkit: Part 2: Accountability questionnaire for the Board
- The GDPR Game Changers - WMV
- GDPR AICP Slides - WMV format
- GDPR Conference SliDo responses May2017