How to Comply with the EU General Data Protection Regulation

This check covers the key areas of personal data in the EU General Data Protection Regulation (GDPR). It is provided to help companies identify areas of non-compliance with the regulation.

* 1. Do your core business operations involve the regular and systematic monitoring of data subjects on a large scale? Data subjects are individuals who are identified or identifiable from data. For the purposes of this check, data refers to information which directly or indirectly identifies individuals. It includes, but is not limited to, payment details, customer records and healthcare information.

* 2. Do you have a data protection policy which guides your employees in how to keep personal data secure?

* 3. Do you encrypt personal data sent by email?

* 4. Do you have personal data on removable media, e.g. USB devices, CDs, DVDs, etc.?

* 5. Are your company laptops encrypted?

* 6. Do you store personal data in the cloud? This could include customer data in salesforce.com, on Dropbox, etc.
