A Practical Guide To GDPR

May 10, 2018, in News, by Daniel Shone

Plenty of information and beginner’s guides to GDPR are already available. This is a visual interpretation, in condensed form, of the key aspects we feel our customers need to be aware of. It highlights that, although some items are IT related, a large proportion of compliance relates to the handling of data and internal processes. We recommend all customers seek legal advice.

From a layman’s perspective, we have identified things to do. They are split into internal things, which you can do yourself, and external things, which you can have done to make your systems and networks safer.

Internal Things to do:

Data Risk Analysis

Identify and record your data flows

Appoint a Data Protection Officer

Staff training for Cyber Awareness

Write Data Protection Policies for your website

Subject Access Request Procedure

Know who to contact when a data breach occurs

Central place of record – time and date of breaches

External Things to do:

Security Audit

Penetration Test (Internal and External)

Two-Factor Authentication

Encryption on Devices (Desktop and Portable)

Get Cyber Essentials (Basic or Plus)

GCHQ Board Level Training

GDPR Health Check Assessment

Daniel Shone

Daniel is the company founder. He started Apex Computing in 2003 and manages the day-to-day running of the business.