How To Prepare For The GDPR And What To Look Out For

GDPR preparation 

An SME preparing for the GDPR may find the following suggestions helpful in working towards compliance:

  • Allocate a budget
  • Assign responsibility to an individual for data protection
  • Complete a Data Protection Impact Assessment (DPIA). DPIAs are required under the GDPR on a regular basis
  • Consider current policies and procedures, and if these meet the obligations imposed under the GDPR, if not seek advice & update accordingly
  • Data Protection is a business-wide concern. Make sure all employees understand what personal data is and are prepared for what they need to do at an individual level, as part of their role
  • Devise a plan for data management across the business
  • Examine the possible types of breaches your business maybe exposed to
  • Make sure you can satisfy data subject access requests (SARs). SARs are are set to increase due to the fact that individuals have the right to request a copy of the personal data that you hold on them. Personal data requests should be provided in a commonly-used, machine-readable format, provided free of charge and within one month of the initial request
  • Consider contact facing online options via your website for consents, requests and withdrawal of data to avoid data management becoming a manual drain – you must make your systems work for you

For further help

The ICO has produced ‘Preparing for the GDPR: 12 steps to take now to help organisations on how to address the key issues.’  You can also refer to our Whitepaper – GDPR – What you need to know… which includes FAQs and lots of other straightforward guidance.

Also, to help SMEs we have put together a Whitepaper: GDPR for small businesses, this provides a full overview together with some helpful information and practical steps for you to work towards compliance. To access this Whitepaper Sign Up to Gravicus Osprey where you will also get   5 Free Data Protection Impact Assessments (DPIAs) with Osprey DPIA as well as access to our Resource Centre.


Telephone: 0203 858 0636

Email:  info@


Simply smart data management with Osprey