When it comes to data protection compliance, one of our most frequent requests is, “how can I keep track of the many projects related to the GDPR.” Managing the road to compliance is a headache for even the most organised Project Managers tasked with leading your school’s data protection programme. 9ine has always been at the forefront of this programme with our Compliance Toolkit helping to manage each stage of your journey, and it’s being used by more schools everyday. Now we are pleased to announce our newest version with all aspects of education considered and usability being the driving factor.Data protection questions? Book a call with one of our Data Protection Consultants
GDPR Compliance Toolkit Update
Our latest update is our biggest yet, with improvements to almost every facet of our GDPR Compliance Toolkit. The goal of this update was to make our Toolkit simpler to use and more efficient. Each of our tabs have been remodelled to support the most up to date requirements set out by the regulation. Our data mapping exercise has been streamlined to ensure all data processing can be captured quicker and more accurately. Policies and procedures now include an example list of common policies, which our DPO Essentials customers can gain access to in template document format. Data processing agreements (DPA) with your providers / suppliers can now be assessed with our handy new DPA Assessment Checklist tool, and IT Projects has a new risk assessment section.
1. A Welcome Update
Our most frequent request from our clients was to make things easier, simpler and more guided. We are pleased to provide our new ‘Welcome’ tab, detailing a clear and simple set of instructions to kick start your journey to compliance.
2. Stages of Compliance
We have replaced our Actions Checklist with a greatly improved ‘Stages of Compliance’ tab, featuring a more practical and detailed list of tasks, associated packages, outputs and next steps. Our goal here is to provide a clear and functional journey to compliance. Our stages align with the 9ine 12 stages to GDPR Compliance and feature each stage broken down into steps and outputs. We also provide full detail of our service offerings and how we can support at each stage.
3. Improved Data Systems Audit Tab
The Data Systems Audit sheet allows the school IT Team to identify and capture how each system assists the school in complying with Article 32 - Security of Processing, and will identify where 3rd party systems require changes in order to comply with the regulation. The Data Systems Audit is designed for the IT Team to complete as one of the first stages in achieving compliance. The information captured here is required to better understand your current systems and their configurations. Each question within our Data Systems Audit tab has now been simplified, resulting in a quicker and more efficient workflow.
4. More Efficient Data Mapping and DPIAs
Our data mapping exercise has been remodelled. Cells are slimmer, headers are frozen, questions are clearer and our examples are more detailed. DPIAs can now be identified using our DPIA identifier algorithm and are much quicker to complete, thanks to deep integration of checkboxes and cleverly auto populated cells throughout.
5. Controller and Processor Contracts Tab and DPia assessment checklist tool
As an organisation it is required that you assess the contracts of your data processors, to ensure the personal data will be processed in line with the requirements of the GDPR. Our ‘Controller and Processor Contracts’ tab acts as a single location to capture links to each contract, supplier contact details, rights management information, identified risks and their mitigating actions. Linked within this tab is our Data Privacy Agreement Assessment checklist, enabling a simple method to assess each contract and determine whether it meets regulation requirements.
6. Policies, processes and Procedures tracker
Our tracker now includes a comprehensive list of policies and procedures that should be available within your institution. Acting as a single point of reference for tracking the progress of policy / procedure changes and their review. Our DPO Essentials clients receive a full suite of example policies, procedures and support documents, ready for tailoring to your school.
7.IT Projects Risk Assessment
Within Article 25 (GDPR) - Privacy by Design and Article 32 (GDPR) - Security of Processing, all IT projects that may impact the availability of personal data must be risk assessed. Our IT Projects tab now features an area to capture the full detail of each project. We provide supporting questions to ensure the project roles and responsibilities are defined, security of processing is considered, documentation is included and the right support is available.
8. New GDPR Project Planner
Our new planner provides a pre-populated stage by stage calendar, aligned to our 12 steps to compliance. Featuring a simple overview of each stage and a suitable method to schedule any time required.
Get Your Hands On Our Updated Toolkit
We hope you enjoy the details of our latest updates and find them useful. We will continually update our Compliance Toolkit to improve usability and remain current with updated guidance from the regulation. If you wish to acquire our new GDPR Compliance Toolkit and benefit from the latest updates, contact us for information on costs and how to get started.