This self assessment toolkit has been created with small organisations in mind. It will be most helpful to small to medium sized organisations from the private, public and third sectors.
Good information handling makes good business sense. You'll enhance your business's reputation, increase customer and employee confidence, and by making sure personal information is accurate, relevant and safe, save both time and money.
Use our checklists to assess your compliance with data protection law and find out what you need to do to make sure you are keeping people’s personal data secure. Once you have completed each self assessment checklist a short report will be created suggesting practical actions you can take and providing links to additional guidance you could read that will help you improve your data protection compliance.
Small business owners and sole traders are advised to complete our Small business owners and sole traders checklist.
Data protection assurance checklists
Before undertaking our Data protection assurance self assessment checklists, you should first determine whether you process personal data as a “controller” or “processor”. The definition of these two terms can be found in our Guide to the UK GDPR.
In some instances, you will process personal information as both a controller and a processor. When this is the case, we would advise you complete both checklists.
Designed to help you, as a controller, assess your high level compliance with data protection legislation. Includes the rights of individuals, handling requests for personal data, consent, data breaches, and data protection impact assessments under the General Data Protection Regulations.