January 31, 2020

Is your small business GDPR fit? Demonstrate GDPR compliance as a supplier

We look at how small businesses are being asked to demonstrate GDPR compliance as part of procurement processes for bigger organisations that are now getting to grips with GDPR in the supply chain.

As the General Data Protection Regulation (GDPR) becomes more embedded into everyday business practice, the imperative for organisations to validate their compliance through their supply chain is becoming evident. Increasingly, organisations are being asked to contractually confirm and provide evidence of their implementation of the appropriate technical and organisational measures to comply with legislation.

Demonstrating GDPR compliance to become ‘approved supplier’

Our clients have been feeding back their experiences in this area to help support the continuing evolution of our online GDPR compliance support tool.

In our experience, larger organisations are now seeking evidence such as policies, training records and reporting protocols before allowing organisations to become an ‘approved supplier’. This can represent a challenge for small businesses that do not necessarily have the in-house skills needed. Thankfully, all such records, training and evidence are provided through Astrid, and this has been helpful for our clients who have been challenged through the procurement process.

GDPR questions being asked of small businesses

There are some key areas where it will be important to ensure you have rigorous processes in place to be able to demonstrate compliance as part of a business procurement process:

  1. Can you effectively describe your organisation’s approach to data protection and data security?
  2. What training and procedures do you have in place to ensure your staff know how to deal with confidential and personal data?
  3. What are your procedures for identifying and dealing with a data breach?
  4. Have you fully mapped all the personal data flows within your organisation?
  5. How can you ensure that any sub-contractors are also compliant with GDPR?

If you have concerns over your small business’s GDPR fitness, create a free account and take our quick GDPR compliance check to flag up areas of weakness that need addressing.

Finally, if you are completing a tender or a PPQ, you will need to consider the personal data that you are sharing through that process and how this is identified and handled within your submission. This approach will in itself be a practical demonstration of how compliant your small business is with data protection legislation.


Emma Oram