Reference 2018-656

REF:           2018-656

Subject:       GDPR compliance

 

Request:

  1. Do you plan on investing in technology specifically to comply with GDPR in the next 12 months?

 

o   Yes

o   No

 

  1. Have you implemented information security network(s)? Have those networks been updated to take account of GDPR?

 

o   Yes

o   No

 

  1. Nearly six months after GDPR has come into effect, have you completed an assessment and validation with all third-party organisations you work with regarding GDPR compliance?

 

o   Yes

o   No

 

  1. Do you monitor the compliance of all the third-party organisations you work against your information security?

 

o   Yes

o   No

 

  1. Under the new rules, have you completed an audit to identify all files or databases that include personally identifiable information (PII) within your organisation?

 

o   Yes

o   No

 

  1. Have the employees in your organisation received training on data protection and other relevant law?

 

o   Yes

o   No

 

 

Response:

1. Do you plan on investing in technology specifically to comply with GDPR in the next 12 months? No
2. Have you implemented information security network(s)? Have those networks been updated to take account of GDPR? Yes
3. Nearly six months after GDPR has come into effect, have you completed an assessment and validation with all third-party organisations you work with regarding GDPR compliance? Yes
4.  Do you monitor the compliance of all the third-party organisations you work against your information security? Yes
5. Under the new rules, have you completed an audit to identify all files or databases that include personally identifiable information (PII) within your organisation? Yes
6. Have the employees in your organisation received training on data protection and other relevant law? Yes