Pricing Customers

Back to checklists

GDPR

Empower your GDPR readiness? look no further, this checklist walks you through some of the essential implementations needed for GDPR compliance

1 Introduction

2 Did your organization audit PII access and storage? ^*

Yes, we have, and we update the document/record.

Yes, but only partially and/or the document isn’t updated.

No.

3 Is your client Privacy Policy well-defined online? ^*

Yes, and it’s updated when needed.

Yes, but it’s not updated.

No.

4 Does your organization encrypt all client/PII data? At rest and in transit. ^*

Yes, all data is encrypted.

Yes, but only part of the data is encrypted.

No.

5 Does your organization audit all access to client/PII data? ^*

Yes, full audit trail.

Yes, partially.

No.

6 Are all audit logs and alerts centralized in one place/system? ^*

Yes, fully.

Yes, partially.

No.

7 Is strong authentication enforced for client/PII data access? ^*

Yes, across all data sources.

Yes, partially.

No.

8 Is unnecessary client data deleted regularly? ^*

Yes, we delete data that isn’t needed.

No, we keep all the data.

9 Is there an internal data protection policy document? ^*

Yes, and awareness/training sessions are conducted for employees.

Yes, but it’s not communicated.

No.

10 Do you conduct ongoing privacy impact assessments? ^*

Yes, in an ongoing manner.

Yes, only once a year.

No.

11 Do you conduct regular sensitive data audits and tests? ^*

Yes, in an ongoing manner.

Yes, only once a year.

No, we don’t conduct such assessments.

12 Do you know your country's Data Protection Authority contact? ^*

Yes.

No.

13 Is there a process for notifying authorities/clients of data breaches? ^*

Yes.

No.

14 Is there a designated GDPR compliance person? ^*

Yes.

No.

15 Are vendor Data Protection Agreements defined and updated? ^*

Yes, with all vendors.

Yes, but only with part of them.

No.

16 Is client data request delivery secure and timely? ^*

Yes.

No.

17 Can your clients request to edit their data? ^* Not applicable

Yes.

No.

18 Can your clients request to delete their data? ^*

Yes.

No.

19 Is cookie consent available on your site? ^* Not applicable

Yes.

No.

Signup and start

email

Details

Author 21RISK

Languages English

Length 19 Questions

Last modified Mar 01, 2023

Created Apr 07, 2023

Signup and start

email

Footer

Solutions

Compliance
Property insurance

Resources

Documentation
Checklists
Experts
Customers
Changelog
Whitepapers
Roadmap
API Status

Company

About
Home
Blog
Pricing
Partners
Contact Us
Legal
Compliance

Subscribe to our newsletter

The latest news, articles, and resources, are sent to your inbox weekly.

email

Facebook Twitter

© 2024 21RISK ApS, All rights reserved. Sales questions? Call +45 702 702 60