20 Important Data Privacy Questions You Should be Asking Now>
Security Boulevard – Marc Von Mandel
– Are we prepared for a data breach? – Do we incorporate âprivacy by designâ into our IT systems? – Have we conducted a Privacy Impact Assessment (PIA)? – Are we able to measure and demonstrate compliance with global data privacy regulations? – Have we identified and inventoried our data assets and processes used to process and store personal data? – Have we classified our data according to risk (high, medium, low)? – Who has access to our various data assets? – Have we calculated the financial impact of high-risk data if leaked? – Do we have the processes and resources in place to support data access requests from individuals? – How are we capturing data. Do we have the right level of consent? – Have we updated our privacy notices and privacy policies? – Do we have up to date records of all data processing activities? – How long do we keep data. Do we have a data retention schedule in place that in line with legal and regulatory compliance? – Do we have mechanisms in place to destroy or delete data if requested to do so? – Do we have a regular or ongoing data audit process set up for the future? – Do we regularly review and monitor applicable security controls for securing data? – Do we have a way to monitor and detect security incidents continuously? – Have we set up appropriate incident management procedures to handle a security incident? – Do we know who and how to notify an impactful security breach? – Do we need to appoint a Data Protection Officer?
Link: https://securityboulevard.com/2018/04/20-important-data-privacy-questions-you-should-be-asking-now/